<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent">
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="3"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="no"?>
<?rfc subcompact="no"?>
<?rfc authorship="yes"?>
<?rfc tocappendix="yes"?>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" category="info" ipr="trust200902" tocInclude="true" sortRefs="true" symRefs="true" obsoletes="" updates="" consensus="true" submissionType="IETF" xml:lang="en" version="3" docName="draft-ietf-6tisch-architecture-30" number="9030">
<front>
<title abbrev="6TiSCH Architecture">An Architecture for IPv6 over the Time-Slotted Channel Hopping Mode of IEEE 802.15.4 (6TiSCH)</title>
<seriesInfo name="RFC" value="9030"/>
<author initials="P" surname="Thubert" fullname="Pascal Thubert" role="editor">
<organization abbrev="Cisco Systems">Cisco Systems, Inc</organization>
<address>
<postal>
<extaddr>Building D</extaddr>
<street>45 Allee des Ormes - BP1200 </street>
<city>Mougins - Sophia Antipolis</city>
<code>06254</code>
<country>France</country>
</postal>
<phone>+33 497 23 26 34</phone>
<email>pthubert@cisco.com</email>
</address>
</author>
<date month="May" year="2021"/>
<area>Internet Area</area>
<workgroup>6TiSCH</workgroup>
<keyword>deterministic wireless</keyword>
<keyword>radio</keyword>
<keyword>mesh</keyword>
<abstract>
<t>
This document describes a network architecture that provides low-latency, low-jitter, and high-reliability packet delivery.
It combines a high-speed powered backbone and subnetworks using IEEE 802.15.4 time-slotted channel hopping (TSCH) to meet the requirements of low-power wireless deterministic applications.
</t>
</abstract>
</front>
<middle>
<section><name>Introduction</name>
<t>
Wireless networks enable a wide variety of devices of any size to get interconnected, often at a very low marginal cost per device, at any range, and in circumstances where wiring may be impractical, for instance, on fast-moving or rotating devices.
</t>
<t>
On the other hand, Deterministic Networking maximizes the packet delivery ratio within a bounded latency so as to enable mission-critical machine-to-machine (M2M) operations. Applications that need such networks are presented in <xref target="RFC8578"/> and <xref target="I-D.ietf-raw-use-cases"/>, which presents a number of additional use cases for Reliable and Available Wireless networks (RAW). The considered applications include professional media, Industrial Automation and Control Systems (IACS), building automation, in-vehicle command and control, commercial automation and asset tracking with mobile scenarios, as well as gaming, drones and edge robotic control, and home automation applications.
</t>
<t>
The Time-Slotted Channel Hopping (TSCH) <xref target="RFC7554"/> mode of the IEEE Std 802.15.4 <xref target="IEEE802154"/> Medium Access Control (MAC) was introduced with the IEEE Std 802.15.4e <xref target="IEEE802154e"/> amendment and is now retrofitted in the main standard. For all practical purposes, this document is expected to be insensitive to the revisions of that standard, which is thus referenced without a date. TSCH is both a Time-Division Multiplexing (TDM) and a Frequency-Division Multiplexing (FDM) technique, whereby a different channel can be used for each transmission. TSCH allows the scheduling of transmissions for deterministic operations and applies to the slower and most energy-constrained wireless use cases.
</t>
<t>
The scheduled operation provides for a more reliable experience, which can be used to monitor and manage resources, e.g., energy and water, in a more efficient fashion.
</t>
<t>
Proven deterministic networking standards for use in process control, including ISA100.11a <xref target="ISA100.11a"/> and WirelessHART <xref target="WirelessHART"/>, have demonstrated the capabilities of the IEEE Std 802.15.4 TSCH MAC for high reliability against interference, low-power consumption on well-known flows, and its applicability for Traffic Engineering (TE) from a central controller.
</t>
<t>
To enable the convergence of information technology (IT) and operational technology (OT) in Low-Power and Lossy Networks (LLNs), the 6TiSCH architecture supports an IETF suite of protocols over the IEEE Std 802.15.4 TSCH MAC to provide IP connectivity for energy and otherwise constrained wireless devices.
</t>
<t>
The 6TiSCH architecture relies on IPv6 <xref target="RFC8200"/> and the use of routing to provide large scaling capabilities. The addition of a high-speed federating backbone adds yet another degree of scalability to the design. The backbone is typically a Layer 2 transit link such as an Ethernet bridged network, but it can also be a more complex routed structure.
</t>
<t>
The 6TiSCH architecture introduces an IPv6 multi-link subnet model that is composed of a federating backbone and a number of IEEE Std 802.15.4 TSCH low-power wireless networks federated and synchronized by Backbone Routers. If the backbone is a Layer 2 transit link, then the Backbone Routers can operate as an IPv6 Neighbor Discovery (IPv6 ND) proxy <xref target="RFC4861"/>.
</t>
<t>
The 6TiSCH architecture leverages 6LoWPAN <xref target="RFC4944"/> to adapt IPv6 to the constrained media and the Routing Protocol for Low-Power and Lossy Networks (RPL) <xref target="RFC6550"/> for the distributed routing operations.
</t>
<t>
Centralized routing refers to a model where routes are computed and resources are allocated from a central controller. This is particularly helpful to schedule deterministic multihop transmissions. In contrast, distributed routing refers to a model that relies on concurrent peer-to-peer protocol exchanges for TSCH resource allocation and routing operations.
</t>
<t>
The architecture defines mechanisms to establish and maintain routing and scheduling in a centralized, distributed, or mixed fashion, for use in multiple OT environments. It is applicable in particular to highly scalable solutions such as those used in Advanced Metering Infrastructure <xref target="AMI"/> solutions that leverage distributed routing to enable multipath forwarding over large LLN meshes.
</t>
</section>
<section><name>Terminology</name>
<section anchor="sixTTerminology"><name>New Terms</name>
<t>
The document does not reuse terms from the <xref target="IEEE802154">IEEE Std 802.15.4</xref> standard such as "path" or "link", which bear a meaning that is quite different from classical IETF parlance.
</t>
<t>This document adds the following terms:</t>
<dl spacing="normal">
<dt>6TiSCH (IPv6 over the TSCH mode of IEEE 802.15.4):</dt>
<dd> 6TiSCH defines an adaptation sublayer for IPv6 over TSCH called 6top, a set of protocols for setting up a TSCH schedule in a distributed approach, and a security solution. 6TiSCH may be extended in the future for other MAC/Physical Layer (PHY) pairs providing a service similar to TSCH. </dd>
<dt>6top (6TiSCH Operation Sublayer):</dt>
<dd> The next higher layer of the IEEE Std 802.15.4 TSCH MAC layer. 6top provides the abstraction of an IP link over a TSCH MAC, schedules packets over TSCH cells, and exposes a management interface to schedule TSCH cells. </dd>
<dt>6P (6top Protocol):</dt>
<dd> The protocol defined in <xref target="RFC8480"/>. 6P enables Layer 2 peers to allocate, move, or de-allocate cells in their respective schedules to communicate. 6P operates at the 6top sublayer. </dd>
<dt>6P transaction:</dt>
<dd> A 2-way or 3-way sequence of 6P messages used by Layer 2 peers to modify their communication schedule. </dd>
<dt>ASN (Absolute Slot Number):</dt>
<dd> Defined in <xref target="IEEE802154"/>, the ASN is the total number of timeslots that have elapsed since the Epoch time when the TSCH network started. Incremented by one at each timeslot. It is wide enough to not roll over in practice. </dd>
<dt>bundle:</dt>
<dd> A group of equivalent scheduled cells, i.e., cells identified by different slotOffset/channelOffset, which are scheduled for the same purpose, with the same neighbor, with the same flags, and the same slotframe.
The size of the bundle refers to the number of cells it contains. For a given slotframe length, the size of the bundle translates directly into bandwidth. A bundle is a local abstraction that represents a half-duplex link for either sending or receiving, with bandwidth that amounts to the sum of the cells in the bundle. </dd>
<dt>Layer 2 vs. Layer 3 bundle:</dt>
<dd> Bundles are associated with either Layer 2 (switching) or Layer 3 (routing) forwarding operations. A pair of Layer 3 bundles (one for each direction) maps to an IP link with a neighbor, whereas a set of Layer 2 bundles (of an "arbitrary" cardinality and direction) corresponds to the relation of one or more incoming bundle(s) from the previous-hop neighbor(s) with one or more outgoing bundle(s) to the next-hop neighbor(s) along a Track as part of the switching role, which may include replication and elimination. </dd>
<dt>CCA (Clear Channel Assessment):</dt>
<dd> A mechanism defined in <xref target="IEEE802154"/> whereby nodes listen to the channel before sending to detect ongoing transmissions from other parties. Because the network is synchronized, CCA cannot be used to detect colliding transmissions within the same network, but it can be used to detect other radio networks in the vicinity. </dd>
<dt>cell:</dt>
<dd> A unit of transmission resource in the CDU matrix, a cell is identified by a slotOffset and a channelOffset. A cell can be scheduled or unscheduled. </dd>
<dt>Channel Distribution/Usage (CDU) matrix:</dt>
<dd> A matrix of cells (i,j) representing the spectrum (channel) distribution among the different nodes in the 6TiSCH network. The CDU matrix has width in timeslots equal to the period of the network scheduling operation, and height equal to the number of available channels. Every cell (i,j) in the CDU, identified by slotOffset/channelOffset, belongs to a specific chunk.
</dd>
<dt>channelOffset:</dt>
<dd> Identifies a row in the TSCH schedule. The number of channelOffset values is bounded by the number of available frequencies. The channelOffset translates into a frequency with a function that depends on the absolute time when the communication takes place, resulting in a channel-hopping operation. </dd>
<dt>chunk:</dt>
<dd> A well-known list of cells, distributed in time and frequency, within a CDU matrix. A chunk represents a portion of a CDU matrix. The partition of the CDU matrix in chunks is globally known by all the nodes in the network to support the appropriation process, which is a negotiation between nodes within an interference domain. A node that manages to appropriate a chunk gets to decide which transmissions will occur over the cells in the chunk within its interference domain, i.e., a parent node will decide when the cells within the appropriated chunk are used and by which node among its children. </dd>
<dt>CoJP (Constrained Join Protocol):</dt>
<dd> The Constrained Join Protocol (CoJP) enables a pledge to securely join a 6TiSCH network and obtain network parameters over a secure channel. "<xref target="RFC9031" format="title"/>" <xref target="RFC9031"/> defines the minimal CoJP setup with pre-shared keys defined. In that mode, CoJP can operate with a single round-trip exchange. </dd>
<dt>dedicated cell:</dt>
<dd> A cell that is reserved for a given node to transmit to a specific neighbor.
</dd>
<dt>deterministic network:</dt>
<dd> The generic concept of a deterministic network is defined in the <xref target="RFC8655">"Deterministic Networking Architecture"</xref> document. When applied to 6TiSCH, it refers to the reservation of Tracks, which guarantees an end-to-end latency and optimizes the Packet Delivery Ratio (PDR) for well-characterized flows. </dd>
<dt>distributed cell reservation:</dt>
<dd> A reservation of a cell done by one or more in-network entities. </dd>
<dt>distributed Track reservation:</dt>
<dd> A reservation of a Track done by one or more in-network entities. </dd>
<dt>EB (Enhanced Beacon):</dt>
<dd> A special frame defined in <xref target="IEEE802154"/> used by a node, including the Join Proxy (JP), to announce the presence of the network. It contains enough information for a pledge to synchronize to the network. </dd>
<dt>hard cell:</dt>
<dd> A scheduled cell that the 6top sublayer may not relocate. </dd>
<dt>hopping sequence:</dt>
<dd> Ordered sequence of frequencies, identified by a Hopping_Sequence_ID, used for channel hopping when translating the channelOffset value into a frequency. </dd>
<dt>IE (Information Element):</dt>
<dd> Type-Length-Value containers placed at the end of the MAC header and used to pass data between layers or devices. Some IE identifiers are managed by the IEEE <xref target="IEEE802154"/>. Some IE identifiers are managed by the IETF <xref target="RFC8137"/>. <xref target="RFC9032"/> uses one subtype to support the selection of the Join Proxy. </dd>
<dt>join process:</dt>
<dd> The overall process that includes the discovery of the network by pledge(s) and the execution of the join protocol. </dd>
<dt>join protocol:</dt>
<dd> The protocol that allows the pledge to join the network.
The join protocol encompasses authentication, authorization, and parameter distribution. The join protocol is executed between the pledge and the JRC. </dd>
<dt>joined node:</dt>
<dd> The new device after having completed the join process, often just called a node. </dd>
<dt>JP (Join Proxy):</dt>
<dd> A node already part of the 6TiSCH network that serves as a relay to provide connectivity between the pledge and the JRC. The JP announces the presence of the network by regularly sending EB frames. </dd>
<dt>JRC (Join Registrar/Coordinator):</dt>
<dd> Central entity responsible for the authentication, authorization, and configuration of the pledge. </dd>
<dt>link:</dt>
<dd> A communication facility or medium over which nodes can communicate at the link layer, which is the layer immediately below IP. In 6TiSCH, the concept is implemented as a collection of Layer 3 bundles. Note: the IETF parlance for the term "link" is adopted, as opposed to the IEEE Std 802.15.4 terminology. </dd>
<dt>operational technology:</dt>
<dd> OT refers to technology used in automation, for instance in industrial control networks. The convergence of IT and OT is the main object of the Industrial Internet of Things (IIOT). </dd>
<dt>pledge:</dt>
<dd> A new device that attempts to join a 6TiSCH network. </dd>
<dt>(to) relocate a cell:</dt>
<dd> The action operated by the 6top sublayer of changing the slotOffset and/or channelOffset of a soft cell. </dd>
<dt>(to) schedule a cell:</dt>
<dd> The action of turning an unscheduled cell into a scheduled cell. </dd>
<dt>scheduled cell:</dt>
<dd> A cell that is assigned a neighbor MAC address (broadcast address is also possible) and one or more of the following flags: TX, RX, Shared, and Timekeeping. A scheduled cell can be used by the IEEE Std 802.15.4 TSCH implementation to communicate. A scheduled cell can either be a hard or a soft cell.
</dd>
<dt>SF (6top Scheduling Function):</dt>
<dd> The cell management entity that adds or deletes cells dynamically based on application networking requirements. The cell negotiation with a neighbor is done using 6P. </dd>
<dt>SFID (6top Scheduling Function Identifier):</dt>
<dd> A 4-bit field identifying an SF. </dd>
<dt>shared cell:</dt>
<dd> A cell marked with both the TX and Shared flags. This cell can be used by more than one transmitter node. A back-off algorithm is used to resolve contention. </dd>
<dt>slotframe:</dt>
<dd> A collection of timeslots repeating in time, analogous to a superframe in that it defines periods of communication opportunities. It is characterized by a slotframe_ID and a slotframe_size. Multiple slotframes can coexist in a node's schedule, i.e., a node can have multiple activities scheduled in different slotframes based on the priority of its packets/traffic flows. The timeslots in the slotframe are indexed by the slotOffset; the first timeslot is at slotOffset 0. </dd>
<dt>slotOffset:</dt>
<dd> A column in the TSCH schedule, i.e., the number of timeslots since the beginning of the current iteration of the slotframe. </dd>
<dt>soft cell:</dt>
<dd> A scheduled cell that the 6top sublayer can relocate. </dd>
<dt>time source neighbor:</dt>
<dd> A neighbor that a node uses as its time reference, and to which it needs to keep its clock synchronized. </dd>
<dt>timeslot:</dt>
<dd> A basic communication unit in TSCH that allows a transmitter node to send a frame to a receiver neighbor and that allows the receiver neighbor to optionally send back an acknowledgment. </dd>
<dt>Track:</dt>
<dd> A Track is a Directed Acyclic Graph (DAG) that is used as a complex multihop path to the destination(s) of the path.
In the case of unicast traffic, the Track is a Destination-Oriented DAG (DODAG) where the Root of the DODAG is the destination of the unicast traffic. A Track enables replication, elimination, and reordering functions on the way (more on those functions in <xref target="RFC8655"/>). A Track reservation locks physical resources such as cells and buffers in every node along the DODAG. A Track is associated with an owner, which can be for instance the destination of the Track. </dd>
<dt>TrackID:</dt>
<dd> A TrackID is either globally unique or locally unique to the Track owner, in which case the identification of the owner must be provided together with the TrackID to provide a full reference to the Track. Typically, the Track owner is the ingress of the Track, the IPv6 source address of packets along the Track can be used as identification of the owner, and a local InstanceID <xref target="RFC6550"/> in the namespace of that owner can be used as TrackID. If the Track is reversible, then the owner is found in the IPv6 destination address of a packet coming back along the Track. In that case, a RPL Packet Information <xref target="RFC6550"/> in an IPv6 packet can unambiguously identify the Track and can be expressed in a compressed form using <xref target="RFC8138"/>. </dd>
<dt>TSCH:</dt>
<dd> A medium access mode of the <xref target="IEEE802154">IEEE Std 802.15.4</xref> standard that uses time synchronization to achieve ultra-low-power operation and channel hopping to enable high reliability. </dd>
<dt>TSCH Schedule:</dt>
<dd> A matrix of cells, with each cell indexed by a slotOffset and a channelOffset. The TSCH schedule contains all the scheduled cells from all slotframes and is sufficient to qualify the communication in the TSCH network.
The number of channelOffset values (the "height" of the matrix) is equal to the number of available frequencies. </dd>
<dt>Unscheduled Cell:</dt>
<dd> A cell that is not used by the IEEE Std 802.15.4 TSCH implementation. </dd>
</dl>
</section>
<section anchor="acronyms"><name>Abbreviations</name>
<t>
This document uses the following abbreviations:
</t>
<dl spacing="normal">
<dt>6BBR:</dt><dd> 6LoWPAN Backbone Router (router with a proxy ND function) </dd>
<dt>6LBR:</dt><dd> 6LoWPAN Border Router (authoritative on Duplicate Address Detection (DAD)) </dd>
<dt>6LN:</dt><dd> 6LoWPAN Node </dd>
<dt>6LR:</dt><dd> 6LoWPAN Router (relay to the registration process) </dd>
<dt>6CIO:</dt><dd> Capability Indication Option </dd>
<dt>(E)ARO:</dt><dd> (Extended) Address Registration Option </dd>
<dt>(E)DAR:</dt><dd> (Extended) Duplicate Address Request </dd>
<dt>(E)DAC:</dt><dd> (Extended) Duplicate Address Confirmation </dd>
<dt>DAD:</dt><dd> Duplicate Address Detection </dd>
<dt>DODAG:</dt><dd> Destination-Oriented Directed Acyclic Graph </dd>
<dt>LLN:</dt><dd> Low-Power and Lossy Network (a typical IoT network) </dd>
<dt>NA:</dt><dd> Neighbor Advertisement </dd>
<dt>NCE:</dt><dd> Neighbor Cache Entry </dd>
<dt>ND:</dt><dd> Neighbor Discovery </dd>
<dt>NDP:</dt><dd> Neighbor Discovery Protocol </dd>
<dt>PCE:</dt><dd> Path Computation Element </dd>
<dt>NME:</dt><dd> Network Management Entity </dd>
<dt>ROVR:</dt><dd> Registration Ownership Verifier (pronounced rover) </dd>
<dt>RPL:</dt><dd> IPv6 Routing Protocol for LLNs (pronounced ripple) </dd>
<dt>RA:</dt><dd> Router Advertisement </dd>
<dt>RS:</dt><dd> Router Solicitation </dd>
<dt>TSCH:</dt><dd> Time-Slotted Channel Hopping </dd>
<dt>TID:</dt><dd> Transaction ID (a sequence counter in the EARO) </dd>
</dl>
</section>
<section anchor="lo"><name>Related Documents</name>
<t>
The document conforms to the terms and models described in <xref target="RFC3444"/> and <xref target="RFC5889"/>, uses the vocabulary and the concepts defined in <xref target="RFC4291"/> for the IPv6 architecture, and refers to <xref target="RFC4080"/> for reservation.
</t>
<t>
The document uses domain-specific terminology defined or referenced in the following:
</t>
<ul spacing="normal">
<li>6LoWPAN ND: <xref target="RFC6775">"Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs)"</xref> and <xref target="RFC8505">"Registration Extensions for IPv6 over Low-Power Wireless Personal Area Network (6LoWPAN) Neighbor Discovery"</xref>, </li>
<li><xref target="RFC7102">"Terms Used in Routing for Low-Power and Lossy Networks"</xref>, and </li>
<li>RPL: <xref target="RFC6552">"Objective Function Zero for the Routing Protocol for Low-Power and Lossy Networks (RPL)"</xref> and <xref target="RFC6550">"RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks"</xref>. </li>
</ul>
<t>
Other terms in use in LLNs are found in <xref target="RFC7228">"Terminology for Constrained-Node Networks"</xref>.
</t>
<t>
Readers are expected to be familiar with all the terms and concepts that are discussed in the following:
</t>
<ul spacing="normal">
<li><xref target="RFC4861">"Neighbor Discovery for IP version 6 (IPv6)"</xref> and </li>
<li><xref target="RFC4862">"IPv6 Stateless Address Autoconfiguration"</xref>. </li>
</ul>
<t>
In addition, readers would benefit from reading the following prior to this specification for a clear understanding of the art in ND-proxying and binding:
</t>
<ul spacing="normal">
<li><xref target="RFC6606">"Problem Statement and Requirements for IPv6 over Low-Power Wireless Personal Area Network (6LoWPAN) Routing"</xref>, </li>
<li><xref target="RFC4903">"Multi-Link Subnet Issues"</xref>, and </li>
<li><xref target="RFC4919">"IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals"</xref>. </li>
</ul>
</section>
</section>
<section><name>High-Level Architecture</name>
<section><name>A Non-broadcast Multi-access Radio Mesh Network</name>
<t>
A 6TiSCH network is an IPv6 <xref target="RFC8200"/> subnet that, in its basic configuration illustrated in <xref target="fig1"/>, is a single Low-Power and Lossy Network (LLN) operating over a synchronized TSCH-based mesh.
</t>
<figure anchor="fig1"><name>Basic Configuration of a 6TiSCH Network</name>
<artwork><![CDATA[
            ---+-------- ............ ------------
               |      External Network       |
               |                          +-----+
            +-----+                       | NME |
            |     | LLN Border            | PCE |
            |     | router (6LBR)         +-----+
            +-----+
          o    o   o
      o     o   o     o    o
     o   o 6LoWPAN + RPL o    o
         o   o   o       o
]]></artwork>
</figure>
<t>
Inside a 6TiSCH LLN, nodes rely on <xref target="RFC6282">6LoWPAN header compression (6LoWPAN HC)</xref> to encode IPv6 packets. From the perspective of the network layer, a single LLN interface (typically an IEEE Std 802.15.4-compliant radio) may be seen as a collection of links with different capabilities for unicast or multicast services.
</t>
<t>
6TiSCH nodes join a mesh network by attaching to nodes that are already members of the mesh (see <xref target="rflo"/>). The security aspects of the join process are further detailed in <xref target="sec"/>. In a mesh network, 6TiSCH nodes are not necessarily reachable from one another at Layer 2, and an LLN may span over multiple links.
</t>
<t>
This forms a homogeneous non-broadcast multi-access (NBMA) subnet, which is beyond the scope of IPv6 Neighbor Discovery (IPv6 ND) <xref target="RFC4861"/> <xref target="RFC4862"/>. 6LoWPAN Neighbor Discovery (6LoWPAN ND) <xref target="RFC6775"/> <xref target="RFC8505"/> specifies extensions to IPv6 ND that enable ND operations in this type of subnet that can be protected against address theft and impersonation with <xref target="RFC8928"/>.
</t>
<t>
Once it has joined the 6TiSCH network, a node acquires IPv6 addresses and registers them using 6LoWPAN ND. This guarantees that the addresses are unique and protects the address ownership over the subnet, more in <xref target="rreg"/>.
</t>
<t>
Within the NBMA subnet, <xref target="RFC6550">RPL</xref> enables routing in the so-called "route-over" fashion, either in storing (stateful) or non-storing (stateless, with routing headers) mode. From there, some nodes can act as routers for 6LoWPAN ND and RPL operations, as detailed in <xref target="RPLvs6lo"/>.
</t>
<t>
With TSCH, devices are time synchronized at the MAC level. The use of a particular RPL Instance for time synchronization is discussed in <xref target="sync"/>. With this mechanism, the time synchronization starts at the RPL Root and follows the RPL loopless routing topology.
</t>
<t>
RPL forms Destination-Oriented Directed Acyclic Graphs (DODAGs) within Instances of the protocol, each Instance being associated with an Objective Function (OF) to form a routing topology. A particular 6TiSCH node, the LLN Border Router (6LBR), acts as RPL Root, 6LoWPAN HC terminator, and Border Router for the LLN to the outside. The 6LBR is usually powered. More on RPL Instances can be found in Section <xref target="RFC6550" section="3.1" sectionFormat="bare" format="default"/> of <xref target="RFC6550">RPL</xref>, in particular "<xref target="RFC6550" section="3.1.2" sectionFormat="bare" format="default"/> RPL Identifiers" and "<xref target="RFC6550" section="3.1.3" sectionFormat="bare" format="default"/> Instances, DODAGs, and DODAG Versions". RPL adds artifacts in the data packets that are compressed with a <xref target="RFC8138">6LoWPAN Routing Header (6LoRH)</xref>. In a preexisting network, the compression can be globally turned on in a DODAG once all nodes are migrated to support <xref target="RFC8138" format="default"/> using <xref target="RFC9035" format="default"/>.
</t>
<t>
Additional routing and scheduling protocols may be deployed to establish on-demand, peer-to-peer routes with particular characteristics inside the 6TiSCH network. This may be achieved in a centralized fashion by a Path Computation Element (PCE) <xref target="PCE"/> that programs both the routes and the schedules inside the 6TiSCH nodes or in a distributed fashion by using a reactive routing protocol and a hop-by-hop scheduling protocol.
</t>
<t>
This architecture expects that a 6LoWPAN node can connect as a leaf to a RPL network, where the leaf support is the minimal functionality to connect as a host to a RPL network without the need to participate in the full routing protocol. The architecture also expects that a 6LoWPAN node that is unaware of RPL may also connect as described in <xref target="RFC9010"/>.
</t>
</section>
<section><name>A Multi-Link Subnet Model</name>
<t>
An extended configuration of the subnet comprises multiple LLNs as illustrated in <xref target="fig2"/>. In the extended configuration, a Routing Registrar <xref target="RFC8505"/> may be connected to the node that acts as the RPL Root and/or 6LoWPAN 6LBR and provides connectivity to the larger campus or factory plant network over a high-speed backbone or a back-haul link.
The Routing Registrar may perform IPv6 ND proxy operations; redistribute the registration in a routing protocol such as <xref target="RFC5340">OSPF</xref> or <xref target="RFC2545">BGP</xref>; or inject a route in a mobility protocol such as <xref target="RFC6275">Mobile IPv6 (MIPv6)</xref>, <xref target="RFC3963">Network Mobility (NEMO)</xref>, or <xref target="RFC6830">Locator/ID Separation Protocol (LISP)</xref>. </t> <t> Multiple LLNs can be interconnected and possibly synchronized over a backbone, which can be wired or wireless. The backbone can operate with IPv6 ND procedures <xref target="RFC4861"/> <xref target="RFC4862"/> or a hybrid of IPv6 ND and 6LoWPAN ND <xref target="RFC6775"/> <xref target="RFC8505"/> <xref target="RFC8928"/>. </t> <figure anchor="fig2"><name>Extended Configuration of a 6TiSCH Network</name> <artwork><![CDATA[
                |
             +-----+              +-----+           +-----+
   (default) |     |   (Optional) |     |           |     | IPv6
      Router |     |         6LBR |     |           |     | Node
             +-----+              +-----+           +-----+
                |  Backbone side     |                 |
    --------+---+--------------------+-+---------------+------+---
            |                          |                      |
      +-----------+              +-----------+          +-----------+
      |  Routing  |              |  Routing  |          |  Routing  |
      | Registrar |              | Registrar |          | Registrar |
      +-----------+              +-----------+          +-----------+
        o     Wireless side        o   o                   o o
    o o   o  o                 o o   o  o  o          o  o  o  o o
   o  6TiSCH                 o   6TiSCH   o  o           o o  6TiSCH o
   o   o LLN     o o            o o   LLN   o                o     LLN   o  o
   o   o  o  o  o             o  o  o o                  o  o  o  o
]]></artwork></figure> <t> A Routing Registrar that performs proxy IPv6 ND operations over the backbone on behalf of the 6TiSCH nodes is called a Backbone Router (6BBR) <xref target="RFC8929"/>.
The 6BBRs are placed along the wireless edge of a backbone and federate multiple wireless links to form a single multi-link subnet. The 6BBRs synchronize with one another over the backbone, so as to ensure that the multiple LLNs that form the IPv6 subnet stay tightly synchronized. </t> <t> The use of multicast can also be reduced on the backbone with a registrar that would contribute to Duplicate Address Detection as well as address lookup using only unicast request/response exchanges. <xref target="I-D.thubert-6man-unicast-lookup"/> is a proposed method that presents an example of how this could be achieved with an extension of <xref target="RFC8505"/>, using an optional 6LBR as a subnet-level registrar, as illustrated in <xref target="fig2"/>. </t> <t> As detailed in <xref target="RPLvs6lo"/>, the 6LBR that serves the LLN and the Root of the RPL network need to share information about the devices that are learned through either 6LoWPAN ND or RPL, but not both. The preferred way of achieving this is to co-locate or combine them. The combined RPL Root and 6LBR may be co-located with the 6BBR, or directly attached to the 6BBR. In the latter case, it leverages the extended registration process defined in <xref target="RFC8505"/> to proxy the 6LoWPAN ND registration to the 6BBR on behalf of the LLN nodes, so that the 6BBR may in turn perform classical ND operations over the backbone as a proxy. </t> <t> The <xref target="RFC8655">"Deterministic Networking Architecture"</xref> studies Layer 3 aspects of Deterministic Networks and covers networks that span multiple Layer 2 domains.
If the backbone is deterministic (such as defined by the Time-Sensitive Networking (TSN) Task Group at IEEE), then the Backbone Router ensures that the end-to-end deterministic behavior is maintained between the LLN and the backbone. </t> </section> <section><name>TSCH: a Deterministic MAC Layer</name> <t> Though at a different time scale (several orders of magnitude), both IEEE Std 802.1 TSN and IEEE Std 802.15.4 TSCH standards provide deterministic capabilities to the point that a packet pertaining to a certain flow may traverse a network from node to node following a precise schedule, as a train that enters and then leaves intermediate stations at precise times along its path. </t> <t> With TSCH, time is formatted into timeslots, and individual communication cells are allocated to unicast or broadcast communication at the MAC level. The time-slotted operation reduces collisions, saves energy, and enables more closely engineering the network for deterministic properties. The channel-hopping aspect is a simple and efficient technique to combat multipath fading and co-channel interference. </t> <t> 6TiSCH builds on the IEEE Std 802.15.4 TSCH MAC and inherits its advanced capabilities to enable them in multiple environments where they can be leveraged to improve automated operations. The 6TiSCH architecture also inherits the capability to perform a centralized route computation to achieve deterministic properties, though it relies on the IETF <xref target="RFC8655">DetNet architecture</xref> and IETF components such as the PCE <xref target="PCE"/> for the protocol aspects. </t> <t>On top of this inheritance, 6TiSCH adds capabilities for distributed routing and scheduling operations based on RPL and capabilities for negotiating schedule adjustments between peers.
These distributed routing and scheduling operations simplify the deployment of TSCH networks and enable wireless solutions in a larger variety of use cases from operational technology in general. Examples of such use cases in industrial environments include plant setup and decommissioning, as well as monitoring a multiplicity of minor notifications such as corrosion measurements, events, and access of local devices by mobile workers. </t> </section> <section><name>Scheduling TSCH</name> <t>A scheduling operation allocates cells in a TDM/FDM matrix called a CDU either to individual transmissions or as multi-access shared resources. The CDU matrix can be formatted in chunks that can be allocated exclusively to particular nodes to enable distributed scheduling without collision. More in <xref target="slotframes"/>. </t> <t>At the MAC layer, the schedule of a 6TiSCH node is the collection of the timeslots at which it must wake up for transmission, and the channels to which it should either send or listen at those times. The schedule is expressed as one or more repeating slotframes. Slotframes may collide and require a device to wake up at a same time, in which case the slotframe with the highest priority is actionable. </t> <t> The 6top sublayer (see <xref target="s6Pprot"/> for more) hides the complexity of the schedule from the upper layers. The link abstraction that IP traffic utilizes is composed of a pair of Layer 3 cell bundles, one to receive and one to transmit. Some of the cells may be shared, in which case the 6top sublayer must perform some arbitration.
</t> <t> Scheduling enables multiple simultaneous communications in a same interference domain using different channels; but a node equipped with a single radio can only either transmit or receive on one channel at any point of time. Scheduled cells that fulfill the same role, e.g., receive IP packets from a peer, are grouped in bundles. </t> <t>The 6TiSCH architecture identifies four ways a schedule can be managed and CDU cells can be allocated: Static Scheduling, Neighbor-to-Neighbor Scheduling, Centralized (or Remote) Monitoring and Schedule Management, and Hop-by-Hop Scheduling. </t> <dl spacing="normal"> <dt>Static Scheduling:</dt><dd>This refers to the minimal 6TiSCH operation whereby a static schedule is configured for the whole network for use in a Slotted ALOHA <xref target="S-ALOHA"/> fashion. The static schedule is distributed through the native methods in the TSCH MAC layer and does not preclude other scheduling operations coexisting on a same 6TiSCH network. A static schedule is necessary for basic operations such as the join process and for interoperability during the network formation, which is specified as part of the <xref target="RFC8180">Minimal 6TiSCH Configuration </xref>. </dd> <dt>Neighbor-to-Neighbor Scheduling:</dt><dd>This refers to the dynamic adaptation of the bandwidth of the links that are used for IPv6 traffic between adjacent peers.
Scheduling Functions such as the <xref target="RFC9033">"6TiSCH Minimal Scheduling Function (MSF)"</xref> influence the operation of the MAC layer to add, update, and remove cells in its own and its peer's schedules using 6P <xref target="RFC8480"/> for the negotiation of the MAC resources.</dd> <dt>Centralized (or Remote) Monitoring and Schedule Management:</dt><dd> This refers to the central computation of a schedule and the capability to forward a frame based on the cell of arrival. In that case, the related portion of the device schedule as well as other device resources are managed by an abstract Network Management Entity (NME), which may cooperate with the PCE to minimize the interaction with, and the load on, the constrained device. This model is the TSCH adaption of the <xref target="RFC8655">DetNet architecture</xref>, and it enables Traffic Engineering with deterministic properties. </dd> <dt>Hop-by-Hop Scheduling:</dt><dd>This refers to the possibility of reserving cells along a path for a particular flow using a distributed mechanism.</dd> </dl> <t> It is not expected that all use cases will require all those mechanisms. Static Scheduling with minimal configuration is the only one that is expected in all implementations, since it provides a simple and solid basis for convergecast routing and time distribution. </t><t> A deeper dive into those mechanisms can be found in <xref target="schd"/>. </t> </section> <section anchor="rtg3"><name>Distributed vs. Centralized Routing</name> <t> 6TiSCH enables a mixed model of centralized routes and distributed routes. Centralized routes can, for example, be computed by an entity such as a PCE.
6TiSCH leverages <xref target="RFC6550">RPL</xref> for interoperable, distributed routing operations. </t> <t> Both methods may inject routes into the routing tables of the 6TiSCH routers. In either case, each route is associated with a 6TiSCH topology that can be a RPL Instance topology or a Track. The 6TiSCH topology is indexed by a RPLInstanceID, in a format that reuses the RPLInstanceID as defined in RPL. </t> <t> <xref target="RFC6550">RPL</xref> is applicable to Static Scheduling and Neighbor-to-Neighbor Scheduling. The architecture also supports a centralized routing model for Remote Monitoring and Schedule Management. It is expected that a routing protocol that is more optimized for point-to-point routing than <xref target="RFC6550">RPL</xref>, such as the <xref target="I-D.ietf-roll-aodv-rpl">"Asymmetric AODV-P2P-RPL in Low-Power and Lossy Networks" (AODV-RPL)</xref>, which derives from the <xref target="I-D.ietf-manet-aodvv2">"Ad Hoc On-demand Distance Vector (AODVv2) Routing"</xref>, will be selected for Hop-by-Hop Scheduling. </t> <t> Both RPL and PCE rely on shared sources such as policies to define global and local RPLInstanceIDs that can be used by either method. It is possible for centralized and distributed routing to share the same topology. Generally they will operate in different slotframes, and centralized routes will be used for scheduled traffic and will have precedence over distributed routes in case of conflict between the slotframes. </t> </section><!-- Distributed vs. Centralized Routing --><section><name>Forwarding over TSCH</name> <t> The 6TiSCH architecture supports three different forwarding models.
One is the classical IPv6 Forwarding, where the node selects a feasible successor at Layer 3 on a per-packet basis and based on its routing table. The second derives from Generalized MPLS (GMPLS) for so-called Track Forwarding, whereby a frame received at a particular timeslot can be switched into another timeslot at Layer 2 without regard to the upper-layer protocol. The third model is the 6LoWPAN Fragment Forwarding, which allows the forwarding of individual 6LoWPAN fragments along a route that is set up by the first fragment. </t> <t>In more detail: </t> <dl spacing="normal"> <dt>IPv6 Forwarding:</dt><dd>This is the classical IP forwarding model, with a Routing Information Base (RIB) that is installed by RPL and used to select a feasible successor per packet. The packet is placed on an outgoing link, which the 6top sublayer maps into a (Layer 3) bundle of cells, and scheduled for transmission based on QoS parameters. Besides RPL, this model also applies to any routing protocol that may be operated in the 6TiSCH network and corresponds to all the distributed scheduling models: Static, Neighbor-to-Neighbor, and Hop-by-Hop Scheduling.</dd> <dt>GMPLS Track Forwarding:</dt><dd>This model corresponds to the Remote Monitoring and Schedule Management. In this model, a central controller (hosting a PCE) computes and installs the schedules in the devices per flow. The incoming (Layer 2) bundle of cells from the previous node along the path determines the outgoing (Layer 2) bundle towards the next hop for that flow as determined by the PCE.
The programmed sequence for bundles is called a Track and can assume DAG shapes that are more complex than a simple direct sequence of nodes.</dd> <dt>6LoWPAN Fragment Forwarding:</dt><dd>This is a hybrid model that derives from IPv6 forwarding for the case where packets must be fragmented at the 6LoWPAN sublayer. The first fragment is forwarded like any IPv6 packet and leaves a state in the intermediate hops to enable forwarding of the next fragments that do not have an IP header without the need to recompose the packet at every hop.</dd> </dl> <t>A deeper dive into these operations can be found in <xref target="fwd"/>. </t> <t><xref target="RaF"/> summarizes how the forwarding models apply to the various routing and scheduling possibilities: </t>
<table anchor="RaF">
<thead> <tr> <th>Forwarding Model</th> <th>Routing</th> <th>Scheduling</th> </tr> </thead>
<tbody>
<tr> <td rowspan="3">classical IPv6 / 6LoWPAN Fragment</td> <td rowspan="2">RPL</td> <td>Static (Minimal Configuration)</td> </tr>
<tr> <td>Neighbor-to-Neighbor (SF+6P)</td> </tr>
<tr> <td>Reactive</td> <td>Hop-by-Hop (AODV-RPL)</td> </tr>
<tr> <td>GMPLS Track Forwarding</td> <td>PCE</td> <td>Remote Monitoring and Schedule Mgt</td> </tr>
</tbody>
</table> </section>
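The three forwarding models of the preceding section can be contrasted in one per-frame decision. The following Python sketch is an added illustration, not code from this document or from any 6TiSCH implementation; the Frame fields, the bundle names, the exact-match RIB, the (previous hop, tag) state key, the state lifetime, and the table cap are all assumptions made for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Frame:
    arrival_bundle: str          # bundle of cells the frame was received in
    prev_hop: str                # link-layer sender
    kind: str                    # "ipv6", "frag1" (first fragment) or "fragN"
    dst: Optional[str] = None    # IPv6 destination; later fragments carry none
    tag: Optional[int] = None    # datagram tag of a fragment (assumed field)


@dataclass
class Node:
    rib: Dict[str, str]          # destination -> next hop, as installed by RPL
    tracks: Dict[str, str]       # incoming Layer 2 bundle -> outgoing Layer 2
                                 # bundle, as installed by the PCE
    frag_ttl: float = 60.0       # assumed lifetime of per-datagram state (s)
    max_frag_state: int = 8      # assumed cap, keeps the state table bounded
    frag_state: Dict[Tuple[str, int], Tuple[str, float]] = field(
        default_factory=dict)

    def forward(self, frame: Frame, now: float) -> Tuple[str, str]:
        """Return (model, outgoing bundle or next hop), or ("drop", reason)."""
        # GMPLS Track Forwarding: the cell of arrival alone selects the
        # outgoing bundle; the upper-layer protocol is never inspected.
        out_bundle = self.tracks.get(frame.arrival_bundle)
        if out_bundle is not None:
            return ("track", out_bundle)

        # Age out fragment state whose lifetime has passed.
        self.frag_state = {key: entry
                           for key, entry in self.frag_state.items()
                           if entry[1] > now}

        # 6LoWPAN Fragment Forwarding, later fragments: no IP header, so
        # they can only follow the state left by the first fragment.
        if frame.kind == "fragN":
            entry = self.frag_state.get((frame.prev_hop, frame.tag))
            if entry is None:
                return ("drop", "no-fragment-state")
            return ("fragment", entry[0])

        # IPv6 Forwarding: per-packet selection of a successor from the RIB.
        next_hop = self.rib.get(frame.dst)
        if next_hop is None:
            return ("drop", "no-route")

        # A first fragment is routed like any IPv6 packet and leaves state
        # behind for the fragments that follow it.
        if frame.kind == "frag1":
            if len(self.frag_state) >= self.max_frag_state:
                return ("drop", "fragment-table-full")
            self.frag_state[(frame.prev_hop, frame.tag)] = (
                next_hop, now + self.frag_ttl)
            return ("fragment", next_hop)

        return ("ipv6", next_hop)
```

A later fragment that arrives before its first fragment, or after the state has expired, is dropped rather than routed, because it carries nothing the RIB could be consulted with.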
<section anchor="fsixstac"><name>6TiSCH Stack</name> <t> The IETF proposes multiple techniques for implementing functions related to routing, transport, or security. </t> <t> The 6TiSCH architecture limits the possible variations of the stack and recommends a number of base elements for LLN applications to control the complexity of possible deployments and device interactions and to limit the size of the resulting object code. In particular, UDP <xref target="RFC0768"/>, IPv6 <xref target="RFC8200"/>, and the <xref target="RFC7252">Constrained Application Protocol (CoAP)</xref> are used as the transport/binding of choice for applications and management as opposed to TCP and HTTP. </t> <t> The resulting protocol stack is represented in <xref target="fig4"/>: </t> <figure anchor="fig4"><name>6TiSCH Protocol Stack</name> <artwork><![CDATA[
   +--------+--------+
   | Applis |  CoJP  |
   +--------+--------+--------------+-----+
   | CoAP / OSCORE   |  6LoWPAN ND  | RPL |
   +-----------------+--------------+-----+
   |       UDP       |      ICMPv6        |
   +-----------------+--------------------+
   |                 IPv6                 |
   +--------------------------------------+----------------------+
   |     6LoWPAN HC   /   6LoRH HC        | Scheduling Functions |
   +--------------------------------------+----------------------+
   |     6top inc. 6top Protocol                                 |
   +-------------------------------------------------------------+
   |                 IEEE Std 802.15.4 TSCH                      |
   +-------------------------------------------------------------+
]]></artwork> </figure> <t> RPL is the routing protocol of choice for LLNs. So far, there is no identified need to define a 6TiSCH-specific Objective Function.
The <xref target="RFC8180">Minimal 6TiSCH Configuration </xref> describes the operation of RPL over a static schedule used in a Slotted ALOHA fashion <xref target="S-ALOHA"/>, whereby all active slots may be used for emission or reception of both unicast and multicast frames. </t> <t><xref target="RFC6282">6LoWPAN header compression</xref> is used to compress the IPv6 and UDP headers, whereas the <xref target="RFC8138"> 6LoWPAN Routing Header (6LoRH)</xref> is used to compress the RPL artifacts in the IPv6 data packets, including the RPL Packet Information (RPI), the IP-in-IP encapsulation to/from the RPL Root, and the Source Routing Header (SRH) in non-storing mode. "<xref target="RFC9008" format="title"/>" <xref target="RFC9008"/> provides the details on when headers or encapsulation are needed. </t> <t><!--The COMAN list is working on network Management for LLN. They are considering the Open Mobile Alliance (OMA) Lightweight M2M (LWM2M) Object system. This standard includes DTLS, CoAP (core plus Block and Observe patterns), SenML and CoAP Resource Directory. 6TiSCH has adopted the general direction of <xref target="I-D.ietf-core-comi"> CoAP Management Interface (COMI)</xref> for the management of devices. This is leveraged for instance for the implementation of the generic data model for the 6top sublayer management interface <xref target="I-D.ietf-6tisch-6top-interface"/>.
The proposed implementation is based on CoAP and CBOR, and specified in <xref target="I-D.ietf-6tisch-coap"> 6TiSCH Resource Management and Interaction using CoAP</xref>.--> </t> <t>The <xref target="RFC8613"> Object Security for Constrained RESTful Environments (OSCORE)</xref> is leveraged by the Constrained Join Protocol (CoJP) and is expected to be the primary protocol for the protection of the application payload as well. The application payload may also be protected by the <xref target="RFC6347">Datagram Transport Layer Security (DTLS) </xref> sitting either under CoAP or over CoAP so it can traverse proxies. </t> <t><!-- Similarly, the <xref target="RFC5191"> Protocol for Carrying Authentication for Network access (PANA)</xref> is represented as an example of a protocol that could be leveraged to secure the join process, as a Layer-3 alternate to IEEE Std. 802.1x/EAP. Regardless, the security model ensures that, prior to a join process, packets from a untrusted device are controlled in volume and in reachability. In particular, a PANA stack should be separated from the main protocol stack to avoid attacks during the join process that is introduced in <xref target='rflo'/>. --> </t> <t>The 6TiSCH Operation Sublayer (6top) is a sublayer of a Logical Link Control (LLC) that provides the abstraction of an IP link over a TSCH MAC and schedules packets over TSCH cells, as further discussed in the next sections, providing in particular dynamic cell allocation with the 6top Protocol (6P) <xref target="RFC8480"/>. </t> <t> The reference stack presented in this document was implemented and interoperability-tested by a combination of open source, IETF, and ETSI efforts. One goal is to help other bodies to adopt the stack as a whole, making the effort to move to an IPv6-based IoT stack easier.
</t> <t> For a particular environment, some of the choices that are available in this architecture may not be relevant. For instance, RPL is not required for star topologies and mesh-under Layer 2 routed networks, and the 6LoWPAN compression may not be sufficient for ultra-constrained cases such as some Low-Power Wide Area (LPWA) networks. In such cases, it is perfectly doable to adopt a subset of the selection that is presented hereafter and then select alternate components to complete the solution wherever needed. </t> </section> <section><name>Communication Paradigms and Interaction Models</name> <t> <xref target="sixTTerminology"/> provides the terms of Communication Paradigms and Interaction Models in combination with <xref target="RFC3444">"On the Difference between Information Models and Data Models"</xref>. A Communication Paradigm is an abstract view of a protocol exchange and has an Information Model for the information that is being exchanged. In contrast, an Interaction Model is more refined and points to standard operation such as a Representational State Transfer (REST) "GET" operation and matches a Data Model for the data that is provided over the protocol exchange. </t> <t><xref target="I-D.ietf-roll-rpl-industrial-applicability" section="2.1.3" sectionFormat="of" format="default"/> and its following sections discuss application-layer paradigms such as source-sink, which is a multipeer-to-multipeer model primarily used for alarms and alerts, publish-subscribe, which is typically used for sensor data, as well as peer-to-peer and peer-to-multipeer communications.
</t> <t> Additional considerations on duocast -- one sender, two receivers for redundancy -- and its N-cast generalization are also provided. Those paradigms are frequently used in industrial automation, which is a major use case for IEEE Std 802.15.4 TSCH wireless networks with <xref target="ISA100.11a"/> and <xref target="WirelessHART"/>, which provides a wireless access to <xref target="HART"/> applications and devices. </t> <t> This document focuses on Communication Paradigms and Interaction Models for packet forwarding and TSCH resources (cells) management. Management mechanisms for the TSCH schedule at the link layer (one hop), network layer (multihop along a Track), and application layer (remote control) are discussed in <xref target="schd"/>. Link-layer frame forwarding interactions are discussed in <xref target="fwd"/>, and network-layer packet routing is addressed in <xref target="rtg"/>. </t> </section> </section> <section anchor="dd"><name>Architecture Components</name> <section anchor="RPLvs6lo"><name>6LoWPAN (and RPL)</name> <t>A RPL DODAG is formed of a Root, a collection of routers, and leaves that are hosts. Hosts are nodes that do not forward packets that they did not generate. RPL-aware leaves will participate in RPL to advertise their own addresses, whereas RPL-unaware leaves depend on a connected RPL router to do so. RPL interacts with 6LoWPAN ND at multiple levels, in particular at the Root and in the RPL-unaware leaves. </t> <section anchor="leaf"><name>RPL-Unaware Leaves and 6LoWPAN ND</name> <t>RPL needs a set of information to advertise a leaf node through a Destination Advertisement Object (DAO) message and establish reachability.
</t> <t><xref target="RFC9010">"Routing for RPL Leaves"</xref> details the basic interaction of 6LoWPAN ND and RPL and enables a plain 6LN that supports <xref target="RFC8505"/> to obtain return connectivity via the RPL network as a RPL-unaware leaf. The leaf indicates that it requires reachability services for the Registered Address from a Routing Registrar by setting an 'R' flag in the Extended Address Registration Option <xref target="RFC8505"/>, and it provides a TID that maps to the "Path Sequence" defined in <xref target="RFC6550" section="6.7.8" sectionFormat="of" format="default"/>, and its operation is defined in <xref target="RFC6550" section="7.2" sectionFormat="of" format="default"/>. </t> <t><xref target="RFC9010"/> also enables the leaf to signal with the RPLInstanceID that it wants to participate by using the Opaque field of the EARO. On the backbone, the RPLInstanceID is expected to be mapped to an overlay that matches the RPL Instance, e.g., a Virtual LAN (VLAN) or a virtual routing and forwarding (VRF) instance. </t> <t>Though, at the time of this writing, the above specification enables a model where the separation is possible, this architecture recommends co-locating the functions of 6LBR and RPL Root. </t> </section><!-- RPL-Unaware Leaves and 6LoWPAN ND --><section anchor="rpllbr"><name>6LBR and RPL Root</name> <t> With the 6LoWPAN ND <xref target="RFC6775"/>, information on the 6LBR is disseminated via an Authoritative Border Router Option (ABRO) in RA messages. <xref target="RFC8505"/> extends <xref target="RFC6775"/> to enable a registration for routing and proxy ND.
The capability to support <xref target="RFC8505"/> is indicated in the 6LoWPAN Capability Indication Option (6CIO). The discovery and liveliness of the RPL Root are obtained through RPL <xref target="RFC6550"/> itself. </t> <t> When 6LoWPAN ND is coupled with RPL, the 6LBR and RPL Root functionalities are co-located in order that the address of the 6LBR is indicated by RPL DODAG Information Object (DIO) messages and to associate the ROVR from the Extended Duplicate Address Request/Confirmation (EDAR/EDAC) exchange <xref target="RFC8505"/> with the state that is maintained by RPL. </t> <t><xref target="RFC9010" section="7" sectionFormat="of" format="default"/> specifies how the DAO messages are used to reconfirm the registration, thus eliminating a duplication of functionality between DAO and EDAR/EDAC messages, as illustrated in <xref target="figReg2"/>. <xref target="RFC9010"/> also provides the protocol elements that are needed when the 6LBR and RPL Root functionalities are not co-located. </t> <t> Even though the Root of the RPL network is integrated with the 6LBR, it is logically separated from the Backbone Router (6BBR) that is used to connect the 6TiSCH LLN to the backbone. This way, the Root has all information from 6LoWPAN ND and RPL about the LLN devices attached to it. </t><t> This architecture also expects that the Root of the RPL network (proxy-)registers the 6TiSCH nodes on their behalf to the 6BBR, for whatever operation the 6BBR performs on the backbone, such as ND proxy or redistribution in a routing protocol. This relies on an extension of the 6LoWPAN ND registration described in <xref target="RFC8929"/>.
</t><t> This model supports the movement of a 6TiSCH device across the multi-link subnet and allows the proxy registration of 6TiSCH nodes deep into the 6TiSCH LLN by the 6LBR / RPL Root. This is why in <xref target="RFC8505"/> the Registered Address is signaled in the Target Address field of the Neighbor Solicitation (NS) message as opposed to the IPv6 Source Address, which, in the case of a proxy registration, is that of the 6LBR / RPL Root itself. </t> </section> </section> <section anchor="join"><name>Network Access and Addressing</name> <section anchor="rflo"><name>Join Process</name> <t> A new device, called the pledge, undergoes the join protocol to become a node in a 6TiSCH network. This usually occurs only once when the device is first powered on. The pledge communicates with the Join Registrar/Coordinator (JRC) of the network through a Join Proxy (JP), a radio neighbor of the pledge. </t><t> The JP is discovered through MAC-layer beacons. When multiple JPs from possibly multiple networks are visible, using trial and error until an acceptable position in the right network is obtained becomes inefficient. <xref target="RFC9032"/> adds a new subtype in the Information Element that was delegated to the IETF <xref target="RFC8137"/> and provides visibility into the network that can be joined and the willingness of the JP and the Root to be used by the pledge. </t><t> The join protocol provides the following functionality: </t> <ul spacing="normal"> <li> Mutual authentication</li> <li> Authorization</li> <li> Parameter distribution to the pledge over a secure channel</li> </ul> <t> The Minimal Security Framework for 6TiSCH <xref target="RFC9031"/> defines the minimal mechanisms required for this join process to occur in a secure manner. The specification defines the Constrained Join Protocol (CoJP), which is used to distribute the parameters to the pledge over a secure session established through OSCORE <xref target="RFC8613"/> and which describes the secure configuration of the network stack.
Ina mesh scenario wherethe6LBR is physically separated fromminimal setting with pre-shared keys (PSKs), CoJP allows the6LoWPAN Node,pledge to join after a single round-trip exchange with the6LBR does not own the address being registered. This is why <xref target="I-D.ietf-6lo-backbone-router"/> registers the TargetJRC. The provisioning of theNS message as opposedPSK to theSource Address. From another perspective, it may happen, inpledge and theuse caseJRC needs to be done out of band, through aStar topology, that the 6LR, 6LBR and 6BBR are'one-touch' bootstrapping process, which effectivelycollapsed and should support 6LoWPAN ND clients. The convergence of efficient ND and 6LoWPAN NDenrolls the pledge intoa single protocol is thus highly desirable. </t><t> In any case, as long astheDAD process is not complete fordomain managed by theaddress used as source ofJRC. </t> <t> In certain use cases, thepacket, it'one-touch' bootstrapping isagainst the current practicenot feasible due toadvertisetheSLLA, since this may corruptoperational constraints, and theND cacheenrollment of thedestination node, as discussed inpledge into the<xref target="RFC4429">Optimistic DAD specification</xref> with regardsdomain needs tothe TENTATIVE state. </t><t>occur in-band. Thismay look like a chicken and an egg problem, but in fact 6LoWPAN ND acknowledges that the Link-Local Address thatisbased on an EUI-64 address ofhandled through aLLN node may be autoconfigured without'zero-touch' extension of theneedMinimal Security Framework forDAD. It results that a node could use that Address as source, with an SLLA option in6TiSCH. The zero-touch extension <xref target="I-D.ietf-6tisch-dtsecurity-zerotouch-join"/> leverages themessage if required,"<xref target="RFC8995" format="title"/>" <xref target="RFC8995"/> work toregister any other addresses, either Global or Unique-Local Addresses, which would be indicated inestablish a shared secret between a pledge and theTarget. 
</t> <t> The suggested change isJRC without necessarily having them belong toregistera common (security) domain at join time. This happens through inter-domain communication occurring between thetargetJRC of theNS message,network anduse Target Link-Layer Address (TLLA) intheNS as opposed todomain of theSLLA to install a Neighbor Cache Entry. This would apply to both Efficient ND and 6LoWPAN ND inpledge, represented by avery same manner, with the caveat that depending on the nature of the link between the 6LBR and the 6BBR, the 6LBR may resort to classical ND or DHCPv6 to obtain the address that it uses to source the NS registration messages, whether for itself or on behalf of LLN nodes. </t> </section> <section anchor='Rroot' title="RPL Root vs. 6LBR"> <t>6LoWPAN ND is unclear on how the 6LBR is discovered, and howfourth entity, Manufacturer Authorized Signing Authority (MASA). Once theliveliness ofzero-touch exchange completes, the6LBRCoJP exchange defined in <xref target="RFC9031"/> isassertedcarried overtime. On the other hand, the discovery and liveliness of the RPL Root are obtained throughtheRPL protocol. </t><t> When 6LoWPAN ND is coupled with RPL,secure session established between the6LBRpledge andRPL Root functionalities are co-located in order thattheaddress ofJRC. </t> <t> <xref target="figJoin"/> depicts the6LBR be indicated by RPL DIO messagesjoin process andto associate the unique ID from the DAR/DAC exchange with the state that is maintained by RPL. The DAR/DAC exchange becomes a preamble to the DAO messages that are used from then on to reconfirm the registration, thus eliminatingwhere aduplication of functionality between DAO and DAR messages. </t> </section> <section anchor='Sec' title="Securing the Registration"> <t> A typical attack against IPv6 NDLink-Local Address (LLA) isaddress spoofing, wherebyused, versus arogue node claims the IPv6Global Unicast Addressof another node in and hijacks its traffic. 
The threats against IPv6 ND as described(GUA). </t> <figure anchor="figJoin" suppress-title="false"> <name>Join Process in<xref target="RFC3971">SEcure Neighbor Discovery (SEND)</xref> are applicable to 6LoPWAN ND as well, but the solution can not work as the route over network does not permit direct peer to peer communication. </t><t> Additionally SEND requires considerably enlarged ND messages to carry cryptographic material, and requires that each protected address is generated cryptographically, which implies the computation of a different key for each Cryptographically Generated Address (CGA). SEND as defined in <xref target="RFC3971"/> is thus largely unsuitable for application in a LLN. </t><t> With 6LoWPAN ND, as illustrated in <xref target='figReg'/>, it is possible to leverage the registration state in the 6LBR, which may store additional security information for later proof of ownership. If this information proves the ownership independently of the address itself, then a single proof may be used to protect multiple addresses. </t><t> Once an Address is registered, the 6LBR maintains a state for that Address and is in position to bind securely the first registration with the Node that placed it, whether the Address is CGA or not. It should thus be possible to protect the ownership of all the addresses ofa Multi-Link Subnet. Parentheses () denote optional exchanges.</name> <artwork><![CDATA[ 6LoWPAN Nodewith a single key, and there should not be a need to carry the cryptographic material more than once to the 6LBR. </t><t> The energy constraint is usually a foremost factor, and attention should be paid to minimize the burden on the CPU. 
Hardware-assisted support of variants of the <xref target="RFC3610">Counter with CBC-MAC</xref> (CCM) authenticated encryption block cipher mode such as CCM* are common in LowPower ship-set implementations, and6LR 6LBR Join Registrar MASA (pledge) (Join Proxy) (Root) /Coordinator (JRC) | | | | | | 6LoWPAN NDsecurity mechanism should be capable to reuse them when applicable. </t><t> Finally, the code footprint in the device being also an issue, the capability to reuse not only hardware-assist mechanisms but also software across layers has to be considered. For instance, if code has to be present for upper-layer operations, e.g <xref target="RFC6655">AES-CCM Cipher Suites for Transport|6LoWPAN ND+RPL | IPv6 network |IPv6 network | | LLN link |Route-Over mesh|(the Internet)|(the Internet)| | | | | | | LayerSecurity (TLS)</xref>, then the capability to reuse that code should be considered. </t> --> </section> <section anchor='join'><name>Network Access and Addressing</name> <section anchor='rflo'><name>Join Process</name> <t> A new device, called the pledge, undergoes the join protocol to become a node in a 6TiSCH network. This usually occurs only once when the device is first powered on. The pledge communicates with2 | | | | |Enhanced Beacon| | | | |<--------------| | | | | | | | | | NS (EARO) | | | | | (for the LLA) | | | | |-------------->| | | | | NA (EARO) | | | | |<--------------| | | | | | | | | | (Zero-touch | | | | | handshake) | (Zero-touch handshake) | (Zero-touch | | using LLA | using GUA | handshake) | |<------------->|<---------------------------->|<------------>| | | | | | | CoJP JoinRegistrar/Coordinator (JRC) of the network through aReq | | | | \ | using LLA | | | | | |-------------->| | | | | | | CoJP JoinProxy (JP), a radio neighbor of the pledge. </t><t> The JP is discovered though MAC layer beacons. 
When multiple JPs from possibly multiple networks are visible, using trial and error until an acceptable position in the right network is obtained becomes inefficient. <xref target='I-D.ietf-6tisch-enrollment-enhanced-beacon'/> adds a new subtype in the Information Element that was delegated to the IETF <xref target='RFC8137'/> and provides visibility into the network that can be joined and the willingness of the JP and the Root to be used by the pledge. </t>
<t> The join protocol provides the following functionality: </t><ul spacing='normal'> <li> Mutual authentication</li> <li> Authorization</li> <li> Parameter distribution to the pledge over a secure channel</li> </ul>
<t> The Minimal Security Framework for 6TiSCH <xref target='I-D.ietf-6tisch-minimal-security'/> defines the minimal mechanisms required for this join process to occur in a secure manner. The specification defines the Constrained Join Protocol (CoJP), which is used to distribute the parameters to the pledge over a secure session established through OSCORE <xref target='I-D.ietf-core-object-security'/>, and describes the secure configuration of the network stack. In the minimal setting with pre-shared keys (PSKs), CoJP allows the pledge to join after a single round-trip exchange with the JRC. The provisioning of the PSK to the pledge and the JRC needs to be done out of band, through a 'one-touch' bootstrapping process, which effectively enrolls the pledge into the domain managed by the JRC. </t>
<t> In certain use cases, the 'one-touch' bootstrapping is not feasible due to the operational constraints, and the enrollment of the pledge into the domain needs to occur in-band. This is handled through a 'zero-touch' extension of the Minimal Security Framework for 6TiSCH. The zero-touch extension <xref target='I-D.ietf-6tisch-dtsecurity-zerotouch-join'/> leverages the 'Bootstrapping Remote Secure Key Infrastructures (BRSKI)' <xref target='I-D.ietf-anima-bootstrapping-keyinfra'/> work to establish a shared secret between a pledge and the JRC without necessarily having them belong to a common (security) domain at join time. This happens through inter-domain communication occurring between the JRC of the network and the domain of the pledge, represented by a fourth entity, Manufacturer Authorized Signing Authority (MASA). Once the zero-touch exchange completes, the CoJP exchange defined in <xref target='I-D.ietf-6tisch-minimal-security'/> is carried over the secure session established between the pledge and the JRC. </t>
<t> <xref target='figJoin'/> depicts the join process and where a Link-Local Address (LLA) is used, versus a Global Unicast Address (GUA). </t>
<figure anchor='figJoin' suppress-title='false'><name>Join process in a Multi-Link Subnet. Parentheses () denote optional exchanges.</name> <artwork><![CDATA[
6LoWPAN Node       6LR             6LBR      Join Registrar     MASA
 (pledge)       (Join Proxy)      (Root)    /Coordinator (JRC)
  |               |               |              |              |
  |  6LoWPAN ND   |6LoWPAN ND+RPL | IPv6 network |IPv6 network  |
  |   LLN link    |Route-Over mesh|(the Internet)|(the Internet)|
  |               |               |              |              |
  |   Layer-2     |               |              |              |
  |enhanced beacon|               |              |              |
  |<--------------|               |              |              |
  |               |               |              |              |
  |   NS (EARO)   |               |              |              |
  | (for the LLA) |               |              |              |
  |-------------->|               |              |              |
  |   NA (EARO)   |               |              |              |
  |<--------------|               |              |              |
  |               |               |              |              |
  |  (Zero-touch  |               |              |              |
  |   handshake)  |     (Zero-touch handshake)   | (Zero-touch  |
  |   using LLA   |           using GUA          |  handshake)  |
  |<------------->|<---------------------------->|<------------>|
  |               |               |              |              |
  | CoJP Join Req |               |              |              | \
  |  using LLA    |               |              |              | |
  |-------------->|               |              |              | |
  |               |       CoJP Join Request      |              | |
  |               |           using GUA          |              | |
  |               |----------------------------->|              | | C
  |               |               |              |              | | o
  |               |       CoJP Join Response     |              | | J
  |               |           using GUA          |              | | P
  |               |<-----------------------------|              | |
  |CoJP Join Resp |               |              |              | |
  |  using LLA    |               |              |              | |
  |<--------------|               |              |              | /
  |               |               |              |              |
]]></artwork> </figure> </section>
<section anchor='rreg'><name>Registration</name>
<t> Once the pledge successfully completes the CoJP exchange and becomes a network node, it obtains the network prefix from neighboring routers and registers its IPv6 addresses. As detailed in <xref target='RPLvs6lo'/>, the combined 6LoWPAN ND 6LBR and Root of the RPL network learn information such as the device Unique ID (from 6LoWPAN ND) and the updated Sequence Number (from RPL), and perform 6LoWPAN ND proxy registration to the 6BBR on behalf of the LLN nodes. </t>
<t> <xref target='figReg'/> illustrates the initial IPv6 signaling that enables a 6LN to form a global address and register it to a 6LBR using 6LoWPAN ND <xref target='RFC8505'/>. It is then carried over RPL to the RPL Root, and then to the 6BBR. This flow happens just once when the address is created and first registered. </t>
<figure anchor='figReg' suppress-title='false'><name>Initial Registration Flow over Multi-Link Subnet</name> <artwork><![CDATA[
6LoWPAN Node        6LR             6LBR            6BBR
 (RPL leaf)       (router)         (Root)
      |               |               |               |
      |  6LoWPAN ND   |6LoWPAN ND+RPL | 6LoWPAN ND    | IPv6 ND
      |   LLN link    |Route-Over mesh|Ethernet/serial| Backbone
      |               |               |               |
      |  RS (mcast)   |               |               |
      |-------------->|               |               |
      |----------->   |               |               |
      |------------------>            |               |
      |  RA (unicast) |               |               |
      |<--------------|               |               |
      |               |               |               |
      |   NS(EARO)    |               |               |
      |-------------->|               |               |
      | 6LoWPAN ND    | Extended DAR  |               |
      |               |-------------->|               |
      |               |               |  NS(EARO)     |
      |               |               |-------------->|
      |               |               |               | NS-DAD
      |               |               |               |------>
      |               |               |               | (EARO)
      |               |               |               |
      |               |               |  NA(EARO)     |<timeout>
      |               |               |<--------------|
      |               | Extended DAC  |               |
      |               |<--------------|               |
      |   NA(EARO)    |               |               |
      |<--------------|               |               |
      |               |               |               |
]]></artwork> </figure>
<t> <xref target='figReg2'/> illustrates the repeating IPv6 signaling that enables a 6LN to keep a global address alive and registered to its 6LBR using 6LoWPAN ND to the 6LR, RPL to the RPL Root, and then 6LoWPAN ND again to the 6BBR, which avoids repeating the Extended DAR/DAC flow across the network when RPL can suffice as a keep-alive mechanism. </t>
<figure anchor='figReg2' suppress-title='false'><name>Next Registration Flow over Multi-Link Subnet</name> <artwork><![CDATA[
6LoWPAN Node        6LR             6LBR            6BBR
 (RPL leaf)       (router)         (Root)
      |               |               |               |
      |  6LoWPAN ND   |6LoWPAN ND+RPL | 6LoWPAN ND    | IPv6 ND
      |   LLN link    |Route-Over mesh| ant IPv6 link | Backbone
      |               |               |               |
      |               |               |               |
      |   NS(EARO)    |               |               |
      |-------------->|               |               |
      |   NA(EARO)    |               |               |
      |<--------------|               |               |
      |               | DAO           |               |
      |               |-------------->|               |
      |               | DAO-ACK       |               |
      |               |<--------------|               |
      |               |               |  NS(EARO)     |
      |               |               |-------------->|
      |               |               |  NA(EARO)     |
      |               |               |<--------------|
      |               |               |               |
      |               |               |               |
]]></artwork> </figure>
<t>As the network builds up, a node should start as a leaf to join the RPL network, and may later turn into both a RPL-capable router and a 6LR, so as to accept leaf nodes to recursively join the network. </t> </section> </section> <!--"Network Access and Addressing" -->
<section anchor='s6Pprot'><name>TSCH and 6top</name> <section><name>6top</name>
<t> 6TiSCH expects a high degree of scalability together with a distributed routing functionality based on RPL. To achieve this goal, the spectrum must be allocated in a way that allows for spatial reuse between zones that will not interfere with one another. In a large and spatially distributed network, a 6TiSCH node is often in a good position to determine usage of the spectrum in its vicinity. </t>
<t> With 6TiSCH, the abstraction of an IPv6 link is implemented as a pair of bundles of cells, one in each direction. IP Links are only enabled between RPL parents and children. The 6TiSCH operation is optimal when the size of a bundle is such that both the energy wasted in idle listening and the packet drops due to congestion loss are minimized, while packets are forwarded within an acceptable latency. 
</t> <t> Use cases for distributed routing are often associated with a statistical distribution of best-effort traffic with variable needs for bandwidth on each individual link. The 6TiSCH operation can remain optimal if RPL parents can adjust dynamically, and with enough reactivity to match the variations of best-effort traffic, the amount of bandwidth that is used to communicate between themselves and their children, in both directions. In turn, the agility to fulfill the needs for additional cells improves when the number of interactions with other devices and the protocol latencies are minimized. </t> <t> 6top is a logical link control sitting between the IP layer and the TSCH MAC layer, which provides the link abstraction that is required for IP operations. The 6top protocol, 6P, which is specified in <xref target='RFC8480'/>, is one of the services provided by 6top. In particular, the 6top services are available over a management API that enables an external management entity to schedule cells and slotframes, and allows the addition of complementary functionality, for instance a Scheduling Function that manages a dynamic schedule management based on observed resource usage as discussed in <xref target='dynsched'/>. For this purpose, the 6TiSCH architecture differentiates "soft" cells and "hard" cells. </t> <section><name>Hard Cells</name> <t> "Hard" cells are cells that are owned and managed by a separate scheduling entity (e.g., a PCE) that specifies the slotOffset/channelOffset of the cells to be added/moved/deleted, in which case 6top can only act as instructed, and may not move hard cells in the TSCH schedule on its own. </t> </section> <section><name>Soft Cells</name> <t> In contrast, "soft" cells are cells that 6top can manage locally. 6top contains a monitoring process which monitors the performance of cells, and can add, remove soft cells in the TSCH schedule to adapt to the traffic needs, or move one when it performs poorly. 
To reserve a soft cell, the higher layer does not indicate the exact slotOffset/channelOffset of the cell to add, but rather the resulting bandwidth and QoS requirements. When the monitoring process triggers a cell reallocation, the two neighbor devices communicating over this cell negotiate its new position in the TSCH schedule. </t> </section> </section>
<section anchor='missf'><name>Scheduling Functions and the 6top protocol</name>
<t>In the case of soft cells, the cell management entity that controls the dynamic attribution of cells to adapt to the dynamics of variable rate flows is called a Scheduling Function (SF). </t>
<t> There may be multiple SFs with more or less aggressive reaction to the dynamics of the network. </t>
<t> An SF may be seen as divided between an upper bandwidth adaptation logic that is not aware of the particular technology that is used to obtain and release bandwidth, and an underlying service that maps those needs in the actual technology, which means mapping the bandwidth onto cells in the case of TSCH using the 6top protocol as illustrated in <xref target='fig6P'/>. </t>
<figure anchor='fig6P' suppress-title='false'><name>SF/6P stack in 6top</name> <artwork><![CDATA[
+------------------------+          +------------------------+
|  Scheduling Function   |          |  Scheduling Function   |
|  Bandwidth adaptation  |          |  Bandwidth adaptation  |
+------------------------+          +------------------------+
|  Scheduling Function   |          |  Scheduling Function   |
|  TSCH mapping to cells |          |  TSCH mapping to cells |
+------------------------+          +------------------------+
| 6top cells negotiation | <- 6P -> | 6top cells negotiation |
+------------------------+          +------------------------+
        Device A                             Device B
]]></artwork> </figure>
<t> The SF relies on 6top services that implement the <xref target='RFC8480'> 6top Protocol (6P) </xref> to negotiate the precise cells that will be allocated or freed based on the schedule of the peer. 
It may be for instance that a peer wants to use a particular time slot that is free in its schedule, but that timeslot is already in use by the other peer for a communication with a third party on a different cell. 6P enables the peers to find an agreement in a transactional manner that ensures the final consistency of the nodes state. </t> <t> <xref target='I-D.ietf-6tisch-msf'>MSF</xref> is one of the possible scheduling functions. MSF uses the rendez-vous slot from <xref target='RFC8180'/> for network discovery, neighbor discovery, and any other broadcast. </t> <t> For basic unicast communication with any neighbor, each node uses a receive cell at a well-known slotOffset/channelOffset, derived from a hash of their own MAC address. Nodes can reach any neighbor by installing a transmit (shared) cell with slotOffset/channelOffset derived from the neighbor's MAC address. </t> <t> For child-parent links, MSF continuously monitors the load to/from parents and children. It then uses 6P to install/remove unicast cells whenever the current schedule appears to be under-/over- provisioned. </t> </section> <section><name>6top and RPL Objective Function operations</name> <!-- 8.1.1. Support to RPL Neighbor Discovery and Parent Selection --> <t> An implementation of a <xref target='RFC6550'>RPL</xref> Objective Function (OF), such as the <xref target='RFC6552'> RPL Objective Function Zero (OF0) </xref> that is used in the <xref target='RFC8180'> Minimal 6TiSCH Configuration </xref> to support RPL over a static schedule, may leverage, for its internal computation, the information maintained by 6top. </t> <t>An OF may require metrics about reachability, such as the Expected Transmission Count (ETX) metric <xref target='RFC6551'/>. 6top creates and maintains an abstract neighbor table, and this state may be leveraged to feed an OF and/or store OF information as well. A neighbor table entry may contain a set of statistics with respect to that specific neighbor. 
</t> <t> The neighbor information may include the time when the last packet has been received from that neighbor, a set of cell quality metrics, e.g., received signal strength indication (RSSI) or link quality indicator (LQI), the number of packets sent to the neighbor or the number of packets received from it. This information can be made available through 6top management APIs and used for instance to compute a Rank Increment that will determine the selection of the preferred parent. </t> <t> 6top provides statistics about the underlying layer so the OF can be tuned to the nature of the TSCH MAC layer. 6top also enables the RPL OF to influence the MAC behavior, for instance by configuring the periodicity of IEEE Std. 802.15.4 Extended Beacons (EBs). By augmenting the EB periodicity, it is possible to change the network dynamics so as to improve the support of devices that may change their point of attachment in the 6TiSCH network. </t> <!-- PT: I took of the text about time source; the way we do it is a bit reverse: we have an Instance that is used for time sourcing, and the preferred parent becomes the time source. If we change preferred parent we use the new one as time source --> <t> Some RPL control messages, such as the DODAG Information Object (DIO) are ICMPv6 messages that are broadcast to all neighbor nodes. With 6TiSCH, the broadcast channel requirement is addressed by 6top by configuring TSCH to provide a broadcast channel, as opposed to, for instance, piggybacking the DIO messages in Layer-2 Enhanced Beacons (EBs), which would produce undue timer coupling among layers, packet size issues and could conflict with the policy of production networks where EBs are mostly eliminated to conserve energy. </t> <!--t> In the TSCH schedule, each cell has the IEEE Std. 802.15.4e LinkType attribute. Setting the LinkType to ADVERTISING indicates that the cell MAY be used to send an Enhanced Beacon. 
When a node forms its Enhanced Beacon, the cell, with LinkType=ADVERTISING, SHOULD be included in the FrameAndLinkIE, and its LinkOption field SHOULD be set to the combination of "Receive" and "Timekeeping". The receiver of the Enhanced Beacon MAY be listening at the cell to get the Enhanced Beacon ([IEEE Std. 802154e]). 6top takes this way to establish broadcast channel, which not only allows TSCH to broadcast Enhanced Beacons, but also allows protocol exchanges by an upper layer such as RPL. </t> <t> To broadcast ICMPv6 control messages used by RPL such as DIO or DAO, 6top uses the payload of a Data frames. The message is inserted into the queue associated with the cells which LinkType is set to ADVERTISING. Then, taking advantage of the broadcast cell feature established with FrameAndLinkIE (as described above), the RPL control message can be received by neighbors, which enables the maintenance of RPL DODAGs. </t> <t> A LinkOption combining "Receive" and "Timekeeping" bits indicates to the receivers of the Enhanced Beacon that the cell MUST be used as a broadcast cell. The frequency of sending Enhanced Beacons or other broadcast messages by the upper layer is determined by the timers associated with the messages. For example, the transmission of Enhance Beacons is triggered by a timer in 6top; transmission of a DIO message is triggered by the trickle timer of RPL. </t--> </section> <section anchor='sync'><name>Network Synchronization</name> <t> Nodes in a TSCH network must be time synchronized. A node keeps synchronized to its time source neighbor through a combination of frame-based and acknowledgment-based synchronization. To maximize battery life and network throughput, it is advisable that RPL ICMP discovery and maintenance traffic (governed by the trickle timer) be somehow coordinated with the transmission of time synchronization packets (especially with enhanced beacons). 
</t> <t> This could be achieved through an interaction of the 6top sublayer and the RPL Objective Function, or could be controlled by a management entity. </t> <!-- TW: Concept of TSGI developed in separate standards-Track draft? -->
<t> Time distribution requires a loop-free structure. Nodes caught in a synchronization loop will rapidly desynchronize from the network and become isolated. 6TiSCH uses a RPL DAG with a dedicated global Instance for the purpose of time synchronization. That Instance is referred to as the Time Synchronization Global Instance (TSGI). The TSGI can be operated in any of the 3 modes that are detailed in section 3.1.3 of <xref target='RFC6550'>RPL</xref>, "Instances, DODAGs, and DODAG Versions". Multiple uncoordinated DODAGs with independent Roots may be used if all the Roots share a common time source such as the Global Positioning System (GPS). </t>
<t> In the absence of a common time source, the TSGI should form a single DODAG with a virtual Root. A backbone network is then used to synchronize and coordinate RPL operations between the backbone routers that act as sinks for the LLN. Optionally, RPL's periodic operations may be used to transport the network synchronization. This may mean that 6top would need to trigger (override) the trickle timer if no other traffic has occurred for such a time that nodes may get out of synchronization. </t>
<t> A node that has not joined the TSGI advertises a MAC-level Join Priority of 0xFF to notify its neighbors that it is not capable of serving as a time parent. A node that has joined the TSGI advertises a MAC-level Join Priority set to its DAGRank() in that Instance, where DAGRank() is the operation specified in section 3.5.1 of <xref target='RFC6550'/>, "Rank Comparison". </t> <!-- TW: Official request made to move alter IEEE Std. 802.15.4e text. Maybe remove last sentence? -->
<t> The provisioning of a RPL Root is out of scope for both RPL and this Architecture, whereas RPL enables the propagation of configuration information down the DODAG. This applies to the TSGI as well; a Root is configured or obtains by unspecified means the knowledge of the RPLInstanceID for the TSGI. The Root advertises its DagRank in the TSGI, which must be less than 0xFF, as its Join Priority in its IEEE Std. 802.15.4 Extended Beacons (EB). </t>
<t> A node that reads a Join Priority of less than 0xFF should join the neighbor with the lesser Join Priority and use it as time parent. If the node is configured to serve as time parent, then the node should join the TSGI, obtain a Rank in that Instance and start advertising its own DagRank in the TSGI as its Join Priority in its EBs. </t> </section>
<section anchor='slotframes'><name>Slotframes and CDU matrix</name>
<t> 6TiSCH enables IPv6 best effort (stochastic) transmissions over a MAC layer that is also capable of scheduled (deterministic) transmissions. A window of time is defined around the scheduled transmission where the medium must, as much as practically feasible, be free of contending energy to ensure that the medium is free of contending packets when time comes for a scheduled transmission. One simple way to obtain such a window is to format time and frequencies in cells of transmission of equal duration. This is the method that is adopted in IEEE Std. 802.15.4 TSCH as well as the Long Term Evolution (LTE) of cellular networks. </t>
<t> The 6TiSCH architecture defines a global concept that is called a Channel Distribution and Usage (CDU) matrix to describe that formatting of time and frequencies. </t>
<t> A CDU matrix is defined centrally as part of the network definition. It is a matrix of cells with a height equal to the number of available channels (indexed by ChannelOffsets) and a width (in timeslots) that is the period of the network scheduling operation (indexed by slotOffsets) for that CDU matrix. 
There are different models for scheduling the usage of the cells, which place the responsibility of avoiding collisions either on a central controller or on the devices themselves, at an extra cost in terms of energy to scan for free cells (more in <xref target='schd'/>). </t> <t> The size of a cell is a timeslot duration, and values of 10 to 15 milliseconds are typical in 802.15.4 TSCH to accommodate for the transmission of a frame and an ack, including the security validation on the receive side which may take up to a few milliseconds on some device architecture. </t> <t> A CDU matrix iterates over and over with a well-known channel rotation called the hopping sequence. In a given network, there might be multiple CDU matrices that operate with different width, so they have different durations and represent different periodic operations. It is recommended that all CDU matrices in a 6TiSCH domain operate with the same cell duration and are aligned, so as to reduce the chances of interferences from the Slotted ALOHA operations. The knowledge of the CDU matrices is shared between all the nodes and used in particular to define slotframes. </t> <t> A slotframe is a MAC-level abstraction that is common to all nodes and contains a series of timeslots of equal length and precedence. It is characterized by a slotframe_ID, and a slotframe_size. A slotframe aligns to a CDU matrix for its parameters, such as number and duration of timeslots. </t> <t> Multiple slotframes can coexist in a node schedule, i.e., a node can have multiple activities scheduled in different slotframes. A slotframe is associated with a priority that may be related to the precedence of different 6TiSCH topologies. The slotframes may be aligned to different CDU matrices and thus have different width. There is typically one slotframe for scheduled traffic that has the highest precedence and one or more slotframe(s) for RPL traffic. 
The timeslots in the slotframe are indexed by the SlotOffset; the first cell is at SlotOffset 0. </t> <t> When a packet is received from a higher layer for transmission, 6top inserts that packet in the outgoing queue which matches the packet best (Differentiated Services <xref target='RFC2474'/> can therefore be used). At each scheduled transmit slot, 6top looks for the frame in all the outgoing queues that best matches the cells. If a frame is found, it is given to the TSCH MAC for transmission. </t>J | | using GUA | | | P | |<-----------------------------| | | |CoJP Join Resp | | | | | | using LLA | | | | | |<--------------| | | | / | | | | | ]]></artwork> </figure> </section>
<section anchor="rreg"><name>Registration</name>
<t> Once the pledge successfully completes the CoJP exchange and becomes a network node, it obtains the network prefix from neighboring routers and registers its IPv6 addresses. As detailed in <xref target="RPLvs6lo"/>, the combined 6LoWPAN ND 6LBR and Root of the RPL network learn information such as an identifier (device EUI-64 <xref target="RFC6775" format="default"/> or a ROVR <xref target="RFC8505" format="default"/> (from 6LoWPAN ND)) and the updated Sequence Number (from RPL), and perform 6LoWPAN ND proxy registration to the 6BBR on behalf of the LLN nodes. </t>
<t> <xref target="figReg"/> illustrates the initial IPv6 signaling that enables a 6LN to form a global address and register it to a 6LBR using 6LoWPAN ND <xref target="RFC8505"/>. It is then carried over RPL to the RPL Root and then to the 6BBR. This flow happens just once when the address is created and first registered.
</t>
<figure anchor="figReg" suppress-title="false"><name>Initial Registration Flow over Multi-Link Subnet</name>
<artwork><![CDATA[
    6LoWPAN Node        6LR             6LBR            6BBR
     (RPL leaf)       (router)         (Root)
         |               |               |               |
         |  6LoWPAN ND   |6LoWPAN ND+RPL | 6LoWPAN ND    | IPv6 ND
         |   LLN link    |Route-Over mesh|Ethernet/serial| Backbone
         |               |               |               |
         |  RS (mcast)   |               |               |
         |-------------->|               |               |
         |----------->   |               |               |
         |------------------>            |               |
         |  RA (unicast) |               |               |
         |<--------------|               |               |
         |               |               |               |
         |  NS(EARO)     |               |               |
         |-------------->|               |               |
         | 6LoWPAN ND    | Extended DAR  |               |
         |               |-------------->|               |
         |               |               |  NS(EARO)     |
         |               |               |-------------->|
         |               |               |               | NS-DAD
         |               |               |               |------>
         |               |               |               | (EARO)
         |               |               |               |
         |               |               |  NA(EARO)     |<timeout>
         |               |               |<--------------|
         |               | Extended DAC  |               |
         |               |<--------------|               |
         |  NA(EARO)     |               |               |
         |<--------------|               |               |
         |               |               |               |
]]></artwork>
</figure>
<t> <xref target="figReg2"/> illustrates the repeating IPv6 signaling that enables a 6LN to keep a global address alive and registered with its 6LBR using 6LoWPAN ND to the 6LR, RPL to the RPL Root, and then 6LoWPAN ND again to the 6BBR, which avoids repeating the Extended DAR/DAC flow across the network when RPL can suffice as a keep-alive mechanism. </t>
<figure anchor="figReg2" suppress-title="false"><name>Next Registration Flow over Multi-Link Subnet</name>
<artwork><![CDATA[
    6LoWPAN Node        6LR             6LBR            6BBR
     (RPL leaf)       (router)         (Root)
         |               |               |               |
         |  6LoWPAN ND   |6LoWPAN ND+RPL | 6LoWPAN ND    | IPv6 ND
         |   LLN link    |Route-Over mesh| ant IPv6 link | Backbone
         |               |               |               |
         |               |               |
         |  NS(EARO)     |               |               |
         |-------------->|               |               |
         |  NA(EARO)     |               |               |
         |<--------------|               |               |
         |               | DAO           |               |
         |               |-------------->|               |
         |               | DAO-ACK       |               |
         |               |<--------------|               |
         |               |               |  NS(EARO)     |
         |               |               |-------------->|
         |               |               |  NA(EARO)     |
         |               |               |<--------------|
         |               |               |               |
         |               |               |               |
]]></artwork>
</figure>
<t> As the network builds up, a node should start as a leaf to join the RPL network and may later turn into both a RPL-capable router and a 6LR, so as to accept leaf nodes recursively joining the network. </t>
</section>
</section>
<section anchor="s6Pprot"><name>TSCH and 6top</name>
<section><name>6top</name>
<t> 6TiSCH expects a high degree of scalability together with a distributed routing functionality based on RPL. To achieve this goal, the spectrum must be allocated in a way that allows for spatial reuse between zones that will not interfere with one another. In a large and spatially distributed network, a 6TiSCH node is often in a good position to determine usage of the spectrum in its vicinity. </t>
<t> With 6TiSCH, the abstraction of an IPv6 link is implemented as a pair of bundles of cells, one in each direction. IP links are only enabled between RPL parents and children.
The 6TiSCH operation is optimal when the size of a bundle minimizes both the energy wasted in idle listening and the packet drops due to congestion loss, while packets are forwarded within an acceptable latency. </t>
<t> Use cases for distributed routing are often associated with a statistical distribution of best-effort traffic with variable needs for bandwidth on each individual link. The 6TiSCH operation can remain optimal if RPL parents can adjust, dynamically and with enough reactivity to match the variations of best-effort traffic, the amount of bandwidth that is used to communicate between themselves and their children, in both directions. In turn, the agility to fulfill the needs for additional cells improves when the number of interactions with other devices and the protocol latencies are minimized. </t>
<t> 6top is a logical link control sitting between the IP layer and the TSCH MAC layer, which provides the link abstraction that is required for IP operations. The 6top Protocol, 6P, which is specified in <xref target="RFC8480"/>, is one of the services provided by 6top. In particular, the 6top services are available over a management API that enables an external management entity to schedule cells and slotframes, and allows the addition of complementary functionality, for instance, a Scheduling Function that manages a dynamic schedule based on observed resource usage as discussed in <xref target="dynsched"/>.
For this purpose, the 6TiSCH architecture differentiates "soft" cells and "hard" cells. </t>
<section><name>Hard Cells</name>
<t> "Hard" cells are cells that are owned and managed by a separate scheduling entity (e.g., a PCE) that specifies the slotOffset/channelOffset of the cells to be added/moved/deleted, in which case 6top can only act as instructed and may not move hard cells in the TSCH schedule on its own. </t>
</section>
<section><name>Soft Cells</name>
<t> In contrast, "soft" cells are cells that 6top can manage locally. 6top contains a monitoring process that monitors the performance of cells and that can add and remove soft cells in the TSCH schedule to adapt to the traffic needs, or move one when it performs poorly. To reserve a soft cell, the higher layer does not indicate the exact slotOffset/channelOffset of the cell to add, but rather the resulting bandwidth and QoS requirements. When the monitoring process triggers a cell reallocation, the two neighbor devices communicating over this cell negotiate its new position in the TSCH schedule. </t>
</section>
</section>
<section anchor="missf"><name>Scheduling Functions and the 6top Protocol</name>
<t> In the case of soft cells, the cell management entity that controls the dynamic attribution of cells to adapt to the dynamics of variable rate flows is called a Scheduling Function (SF). </t>
<t> There may be multiple SFs that react more or less aggressively to the dynamics of the network.
</t>
<t> An SF may be seen as divided between an upper bandwidth-adaptation logic that is unaware of the particular technology used to obtain and release bandwidth and an underlying service that maps those needs in the actual technology. In the case of TSCH using the 6top Protocol as illustrated in <xref target="fig6P"/>, this means mapping the bandwidth onto cells. </t>
<figure anchor="fig6P" suppress-title="false"><name>SF/6P Stack in 6top</name>
<artwork><![CDATA[
+------------------------+          +------------------------+
|  Scheduling Function   |          |  Scheduling Function   |
|  Bandwidth adaptation  |          |  Bandwidth adaptation  |
+------------------------+          +------------------------+
|  Scheduling Function   |          |  Scheduling Function   |
|  TSCH mapping to cells |          |  TSCH mapping to cells |
+------------------------+          +------------------------+
| 6top cells negotiation | <- 6P -> | 6top cells negotiation |
+------------------------+          +------------------------+
        Device A                             Device B
]]></artwork>
</figure>
<t> The SF relies on 6top services that implement the <xref target="RFC8480"> 6top Protocol (6P) </xref> to negotiate the precise cells that will be allocated or freed based on the schedule of the peer. For instance, it may be that a peer wants to use a particular timeslot that is free in its schedule, but that timeslot is already in use by the other peer to communicate with a third party on a different cell. 6P enables the peers to find an agreement in a transactional manner that ensures the final consistency of the nodes' state. </t>
<t> <xref target="RFC9033">MSF</xref> is one of the possible Scheduling Functions. MSF uses the rendezvous slot from <xref target="RFC8180"/> for network discovery, neighbor discovery, and any other broadcast. </t>
<t> For basic unicast communication with any neighbor, each node uses a receive cell at a well-known slotOffset/channelOffset, which is derived from a hash of their own MAC address. Nodes can reach any neighbor by installing a transmit (shared) cell with slotOffset/channelOffset derived from the neighbor's MAC address. </t>
<t> For child-parent links, MSF continuously monitors the load between parents and children. It then uses 6P to install or remove unicast cells whenever the current schedule appears to be under-provisioned or over-provisioned. </t>
</section>
<section><name>6top and RPL Objective Function Operations</name>
<t> An implementation of a <xref target="RFC6550">RPL</xref> Objective Function (OF), such as the <xref target="RFC6552">RPL Objective Function Zero (OF0) </xref> that is used in the <xref target="RFC8180">Minimal 6TiSCH Configuration</xref> to support RPL over a static schedule, may leverage for its internal computation the information maintained by 6top. </t>
<t> An OF may require metrics about reachability, such as the Expected Transmission Count (ETX) metric <xref target="RFC6551"/>. 6top creates and maintains an abstract neighbor table, and this state may be leveraged to feed an OF and/or store OF information as well. A neighbor table entry may contain a set of statistics with respect to that specific neighbor. </t>
<t> The neighbor information may include the time when the last packet has been received from that neighbor, a set of cell quality metrics, e.g., received signal strength indication (RSSI) or link quality indicator (LQI), the number of packets sent to the neighbor, or the number of packets received from it. This information can be made available through 6top management APIs and used, for instance, to compute a Rank Increment that will determine the selection of the preferred parent. </t>
<t> 6top provides statistics about the underlying layer so the OF can be tuned to the nature of the TSCH MAC layer. 6top also enables the RPL OF to influence the MAC behavior, for instance, by configuring the periodicity of IEEE Std 802.15.4 Extended Beacons (EBs). By augmenting the EB periodicity, it is possible to change the network dynamics so as to improve the support of devices that may change their point of attachment in the 6TiSCH network. </t>
<t> Some RPL control messages, such as the DODAG Information Object (DIO), are ICMPv6 messages that are broadcast to all neighbor nodes. With 6TiSCH, the broadcast channel requirement is addressed by 6top by configuring TSCH to provide a broadcast channel, as opposed to, for instance, piggybacking the DIO messages in Layer 2 Enhanced Beacons (EBs), which would produce undue timer coupling among layers and packet size issues, and could conflict with the policy of production networks where EBs are mostly eliminated to conserve energy. </t>
</section>
<section anchor="sync"><name>Network Synchronization</name>
<t> Nodes in a TSCH network must be time synchronized. A node keeps synchronized to its time source neighbor through a combination of frame-based and acknowledgment-based synchronization. To maximize battery life and network throughput, it is advisable that RPL ICMP discovery and maintenance traffic (governed by the Trickle timer) be somehow coordinated with the transmission of time synchronization packets (especially with Enhanced Beacons). </t>
<t> This could be achieved through an interaction of the 6top sublayer and the RPL Objective Function, or could be controlled by a management entity. </t>
<t> Time distribution requires a loop-free structure. Nodes caught in a synchronization loop will rapidly desynchronize from the network and become isolated. 6TiSCH uses a RPL DAG with a dedicated global Instance for the purpose of time synchronization. That Instance is referred to as the Time Synchronization Global Instance (TSGI). The TSGI can be operated in either of the three modes that are detailed in Section <xref target="RFC6550" section="3.1.3" sectionFormat="bare" format="default"/> of <xref target="RFC6550">RPL</xref>, "Instances, DODAGs, and DODAG Versions". Multiple uncoordinated DODAGs with independent Roots may be used if all the Roots share a common time source such as the Global Positioning System (GPS).
</t>
<t> In the absence of a common time source, the TSGI should form a single DODAG with a virtual Root. A backbone network is then used to synchronize and coordinate RPL operations between the Backbone Routers that act as sinks for the LLN. Optionally, RPL's periodic operations may be used to transport the network synchronization. This may mean that 6top would need to trigger (override) the Trickle timer if no other traffic has occurred for such a time that nodes may get out of synchronization. </t>
<t> A node that has not joined the TSGI advertises a MAC-level Join Priority of 0xFF to notify its neighbors that it is not capable of serving as time parent. A node that has joined the TSGI advertises a MAC-level Join Priority set to its DAGRank() in that Instance, where DAGRank() is the operation specified in Section <xref target="RFC6550" section="3.5.1" sectionFormat="bare" format="default"/> of <xref target="RFC6550"/>, "Rank Comparison". </t>
<t> The provisioning of a RPL Root is out of scope for both RPL and this architecture, whereas RPL enables the propagation of configuration information down the DODAG. This applies to the TSGI as well; a Root is configured, or obtains by unspecified means, the knowledge of the RPLInstanceID for the TSGI. The Root advertises its DagRank in the TSGI, which must be less than 0xFF, as its Join Priority in its IEEE Std 802.15.4 EBs. </t>
<t> A node that reads a Join Priority of less than 0xFF should join the neighbor with the lesser Join Priority and use it as time parent. If the node is configured to serve as time parent, then the node should join the TSGI, obtain a Rank in that Instance, and start advertising its own DagRank in the TSGI as its Join Priority in its EBs. </t>
</section>
<section anchor="slotframes"><name>Slotframes and CDU Matrix</name>
<t> 6TiSCH enables IPv6 best-effort (stochastic) transmissions over a MAC layer that is also capable of scheduled (deterministic) transmissions. A window of time is defined around the scheduled transmission where the medium must, as much as practically feasible, be free of contending energy to ensure that the medium is free of contending packets when the time comes for a scheduled transmission. One simple way to obtain such a window is to format time and frequencies in cells of transmission of equal duration. This is the method that is adopted in IEEE Std 802.15.4 TSCH as well as the Long Term Evolution (LTE) of cellular networks. </t>
<t> The 6TiSCH architecture defines a global concept that is called a Channel Distribution and Usage (CDU) matrix to describe that formatting of time and frequencies. </t>
<t> A CDU matrix is defined centrally as part of the network definition. It is a matrix of cells with a height equal to the number of available channels (indexed by channelOffsets) and a width (in timeslots) that is the period of the network scheduling operation (indexed by slotOffsets) for that CDU matrix. There are different models for scheduling the usage of the cells, which place the responsibility of avoiding collisions either on a central controller or on the devices themselves, at an extra cost in terms of energy to scan for free cells (more in <xref target="schd"/>).
</t>
<t> The size of a cell is a timeslot duration, and values of 10 to 15 milliseconds are typical in 802.15.4 TSCH to accommodate for the transmission of a frame and an ack, including the security validation on the receive side, which may take up to a few milliseconds on some device architecture. </t>
<t> A CDU matrix iterates over a well-known channel rotation called the hopping sequence. In a given network, there might be multiple CDU matrices that operate with different widths, so they have different durations and represent different periodic operations. It is recommended that all CDU matrices in a 6TiSCH domain operate with the same cell duration and are aligned so as to reduce the chances of interferences from the Slotted ALOHA operations. The knowledge of the CDU matrices is shared between all the nodes and used in particular to define slotframes. </t>
<t> A slotframe is a MAC-level abstraction that is common to all nodes and contains a series of timeslots of equal length and precedence. It is characterized by a slotframe_ID and a slotframe_size. A slotframe aligns to a CDU matrix for its parameters, such as number and duration of timeslots. </t>
<t> Multiple slotframes can coexist in a node schedule, i.e., a node can have multiple activities scheduled in different slotframes. A slotframe is associated with a priority that may be related to the precedence of different 6TiSCH topologies. The slotframes may be aligned to different CDU matrices and thus have different widths. There is typically one slotframe for scheduled traffic that has the highest precedence and one or more slotframe(s) for RPL traffic. The timeslots in the slotframe are indexed by the slotOffset; the first cell is at slotOffset 0. </t>
<t> When a packet is received from a higher layer for transmission, 6top inserts that packet in the outgoing queue that matches the packet best (Differentiated Services <xref target="RFC2474"/> can therefore be used). At each scheduled transmit slot, 6top looks for the frame in all the outgoing queues that best matches the cells. If a frame is found, it is given to the TSCH MAC for transmission. </t>
</section>
<section anchor="DistRsvTS"><name>Distributing the Reservation of Cells</name>
<t> The 6TiSCH architecture introduces the concept of chunks (<xref target="sixTTerminology"/>) to distribute the allocation of the spectrum for a whole group of cells at a time. The CDU matrix is formatted into a set of chunks, possibly as illustrated in <xref target="fig10"/>, each of the chunks identified uniquely by a chunk-ID. The knowledge of this formatting is shared between all the nodes in a 6TiSCH network. It could be conveyed during the join process, codified into a profile document, or obtained using some other mechanism. This is as opposed to Static Scheduling, which refers to the preprogrammed mechanism specified in <xref target="RFC8180"/> and which existed before the distribution of the chunk formatting. </t>
<figure anchor="fig10"><name>CDU Matrix Partitioning in Chunks</name>
<artwork align="center"><![CDATA[
             +-----+-----+-----+-----+-----+-----+-----+     +-----+
chan.Off. 0  |chnkA|chnkP|chnk7|chnkO|chnk2|chnkK|chnk1| ... |chnkZ|
             +-----+-----+-----+-----+-----+-----+-----+     +-----+
chan.Off. 1  |chnkB|chnkQ|chnkA|chnkP|chnk3|chnkL|chnk2| ... |chnk1|
             +-----+-----+-----+-----+-----+-----+-----+     +-----+
               ...
             +-----+-----+-----+-----+-----+-----+-----+     +-----+
chan.Off. 15 |chnkO|chnk6|chnkN|chnk1|chnkJ|chnkZ|chnkI| ... |chnkG|
             +-----+-----+-----+-----+-----+-----+-----+     +-----+
                0     1     2     3     4     5     6          M
]]></artwork>
</figure>
<t> The 6TiSCH architecture envisions a protocol that enables chunk ownership appropriation whereby a RPL parent discovers a chunk that is not used in its interference domain, claims the chunk, and then defends it in case another RPL parent would attempt to appropriate it while it is in use. The chunk is the basic unit of ownership that is used in that process. </t>
<t> As a result of the process of chunk ownership appropriation, the RPL parent has exclusive authority to decide which cell in the appropriated chunk can be used by which node in its interference domain. In other words, it is implicitly delegated the right to manage the portion of the CDU matrix that is represented by the chunk.
</t>
<t>Initially, those cells are added to the heap of free cells, then dynamically placed into existing bundles, into new bundles, or allocated opportunistically for one transmission. </t>
<t> Note that a PCE is expected to have precedence in the allocation, so that a RPL parent would only be able to obtain portions that are not in use by the PCE. </t>
</section>
</section>
<section anchor="schd"><name>Schedule Management Mechanisms</name>
<t> 6TiSCH uses four paradigms to manage the TSCH schedule of the LLN nodes: Static Scheduling, Neighbor-to-Neighbor Scheduling, Remote Monitoring and Scheduling Management, and Hop-by-Hop Scheduling. Multiple mechanisms are defined that implement the associated Interaction Models, and they can be combined and used in the same LLN. Which mechanism(s) to use depends on application requirements.
</t>
<section anchor="mini"><name>Static Scheduling</name>
<t> In the simplest instantiation of a 6TiSCH network, a common fixed schedule may be shared by all nodes in the network. Cells are shared, and nodes contend for slot access in a Slotted ALOHA manner. </t>
<t> A static TSCH schedule can be used to bootstrap a network, as an initial phase during implementation or as a fall-back mechanism in case of network malfunction. This schedule is preestablished, for instance, decided by a network administrator based on operational needs. It can be preconfigured into the nodes, or, more commonly, learned by a node when joining the network using standard IEEE Std 802.15.4 Information Elements (IE). Regardless, the schedule remains unchanged after the node has joined a network. RPL is used on the resulting network. This "minimal" scheduling mechanism that implements this paradigm is detailed in <xref target="RFC8180"/>. </t>
</section>
<section anchor="dynsched"><name>Neighbor-to-Neighbor Scheduling</name>
<t> In the simplest instantiation of a 6TiSCH network described in <xref target="mini"/>, nodes may expect a packet at any cell in the schedule and will waste energy idle listening. In a more complex instantiation of a 6TiSCH network, a matching portion of the schedule is established between peers to reflect the observed amount of transmissions between those nodes. The aggregation of the cells between a node and a peer forms a bundle that the 6top sublayer uses to implement the abstraction of a link for IP. The bandwidth on that link is proportional to the number of cells in the bundle. </t>
<t> If the size of a bundle is configured to fit an average amount of bandwidth, peak traffic is dropped. If the size is configured to allow for peak emissions, energy is wasted idle listening. </t>
<t> As discussed in more detail in <xref target="s6Pprot"/>, the <xref target="RFC8480">6top Protocol</xref> specifies the exchanges between neighbor nodes to reserve soft cells to transmit to one another, possibly under the control of a Scheduling Function (SF). Because this reservation is done without global knowledge of the schedule of the other nodes in the LLN, scheduling collisions are possible. </t>
<t> And as discussed in <xref target="missf"/>, an optional SF is used to monitor bandwidth usage and to perform requests for dynamic allocation by the 6top sublayer. The SF component is not part of the 6top sublayer. It may be co-located on the same device or may be partially or fully offloaded to an external system. The <xref target="RFC9033"> "6TiSCH Minimal Scheduling Function (MSF)"</xref> provides a simple SF that can be used by default by devices that support dynamic scheduling of soft cells. </t>
<t> Monitoring and relocation is done in the 6top sublayer. For the upper layer, the connection between two neighbor nodes appears as a number of cells.
Depending on traffic requirements, the upper layer can request 6top to add or delete a number of cells scheduled to a particular neighbor, without being responsible for choosing the exact slotOffset/channelOffset of those cells. </t>
</section>
<section anchor="topint"><name>Remote Monitoring and Schedule Management</name>
<t> Remote Monitoring and Schedule Management refers to a DetNet/SDN model whereby an NME and a scheduling entity, associated with a PCE, reside in a central controller and interact with the 6top sublayer to control IPv6 links and Tracks (<xref target="ontrk"/>) in a 6TiSCH network. The composite centralized controller can assign physical resources (e.g., buffers and hard cells) to a particular Track to optimize the reliability within a bounded latency for a well-specified flow. </t>
<t> The work in the 6TiSCH Working Group focused on nondeterministic traffic and did not provide the generic data model necessary for the controller to monitor and manage resources of the 6top sublayer. This is deferred to future work, see <xref target="unchartered-tracks"/>. </t>
<t> With respect to centralized routing and scheduling, it is envisioned that the related component of the 6TiSCH architecture would be an extension of the <xref target="RFC8655">DetNet architecture</xref>, which studies Layer 3 aspects of Deterministic Networks and covers networks that span multiple Layer 2 domains. </t>
<t> The DetNet architecture is a form of Software-Defined Networking (SDN) architecture and is composed of three planes: a (User) Application Plane, a Controller Plane (where the PCE operates), and a Network Plane, which can represent a 6TiSCH LLN. </t>
<t> <xref target="RFC7426">"Software-Defined Networking (SDN): Layers and Architecture Terminology"</xref> proposes a generic representation of the SDN architecture that is reproduced in <xref target="RFC7426archi"/>. </t>
<figure align="center" anchor="RFC7426archi"><name>SDN Layers and Architecture Terminology per RFC 7426</name>
<artwork align="left"><![CDATA[
              o--------------------------------o
              |                                |
              | +-------------+   +----------+ |
              | | Application |   |  Service | |
              | +-------------+   +----------+ |
              |       Application Plane        |
              o---------------Y----------------o
                              |
*-----------------------------Y---------------------------------*
|           Network Services Abstraction Layer (NSAL)           |
*------Y------------------------------------------------Y-------*
       |                                                |
       |               Service Interface                |
       |                                                |
o------Y------------------o       o---------------------Y------o
|      |    Control Plane |       | Management Plane    |      |
| +----Y----+   +-----+   |       |  +-----+       +----Y----+ |
| | Service |   | App |   |       |  | App |       | Service | |
| +----Y----+   +--Y--+   |       |  +--Y--+       +----Y----+ |
|      |           |      |       |     |               |      |
| *----Y-----------Y----* |       | *---Y---------------Y----* |
| | Control Abstraction | |       | | Management Abstraction | |
| |     Layer (CAL)     | |       | |      Layer (MAL)       | |
| *----------Y----------* |       | *----------Y-------------* |
|            |            |       |            |               |
o------------|------------o       o------------|---------------o
             |                                 |
             | CP                              | MP
             | Southbound                      | Southbound
             | Interface                       | Interface
             |                                 |
*------------Y---------------------------------Y----------------*
|          Device and resource Abstraction Layer (DAL)          |
*------------Y---------------------------------Y----------------*
|            |                                 |                |
|    o-------Y----------o   +-----+   o--------Y----------o     |
|    | Forwarding Plane |   | App |   | Operational Plane |     |
|    o------------------o   +-----+   o-------------------o     |
|                       Network Device                          |
+---------------------------------------------------------------+
]]></artwork>
</figure>
<t>The PCE establishes end-to-end Tracks of hard cells, which are described in more detail in <xref target="trkfwd"/>. </t>
<t>The DetNet work is expected to enable end-to-end deterministic paths across heterogeneous networks. This can be, for instance, a 6TiSCH LLN and an Ethernet backbone. </t>
<t>This model fits the 6TiSCH extended configuration, whereby a 6BBR federates multiple 6TiSCH LLNs in a single subnet over a backbone that can be, for instance, Ethernet or Wi-Fi. In that model, 6TiSCH 6BBRs synchronize with one another over the backbone, so as to ensure that the multiple LLNs that form the IPv6 subnet stay tightly synchronized.
</t>
<t> If the backbone is deterministic, then the Backbone Router ensures that the end-to-end deterministic behavior is maintained between the LLN and the backbone. It is the responsibility of the PCE to compute a deterministic path end to end across the TSCH network and an IEEE Std 802.1 TSN Ethernet backbone, and it is the responsibility of DetNet to enable end-to-end deterministic forwarding. </t>
</section>
<section><name>Hop-by-Hop Scheduling</name>
<t> A node can reserve a <xref target="ontrk">Track</xref> to one or more destination(s) that are multiple hops away by installing soft cells at each intermediate node. This forms a Track of soft cells. A Track SF above the 6top sublayer of each node on the Track is needed to monitor these soft cells and trigger relocation when needed. </t>
<t> This hop-by-hop reservation mechanism is expected to be similar in essence to <xref target="RFC3209"/> and/or <xref target="RFC4080"/> and <xref target="RFC5974"/>. The protocol for a node to trigger hop-by-hop scheduling is not yet defined. </t>
</section>
</section>
<section anchor="ontrk"><name>On Tracks</name>
<t> The architecture introduces the concept of a Track, which is a directed path from a source 6TiSCH node to one or more destination 6TiSCH node(s) across a 6TiSCH LLN. </t>
<t> A Track is the 6TiSCH instantiation of the concept of a deterministic path as described in <xref target="RFC8655"/>.
Constrained resources such as memory buffers are reserved for that Track in intermediate 6TiSCH nodes to avoid loss related to limited capacity. A 6TiSCH node along a Track not only knows which bundles of cells it should use to receive packets from a previous hop but also knows which bundle(s) it should use to send packets to its next hop along the Track. </t>
<section><name>General Behavior of Tracks</name>
<t> A Track is associated with Layer 2 bundles of cells with related schedules and logical relationships that ensure that a packet that is injected in a Track will progress in due time all the way to destination. </t>
<t> Multiple cells may be scheduled in a Track for the transmission of a single packet, in which case the normal operation of IEEE Std 802.15.4 Automatic Repeat-reQuest (ARQ) can take place; the acknowledgment may be omitted in some cases, for instance, if there is no scheduled cell for a possible retry. </t>
<t> There are several benefits for using a Track to forward a packet from a source node to the destination node: </t>
<ol spacing="normal">
<li> Track Forwarding, as further described in <xref target="trkfwd"/>, is a Layer 2 forwarding scheme, which introduces less process delay and overhead than a Layer 3 forwarding scheme. Therefore, LLN devices can save more energy and resources, which is critical for resource-constrained devices. </li>
<li> Since channel resources, i.e., bundles of cells, have been reserved for communications between 6TiSCH nodes of each hop on the Track, the throughput and the maximum latency of the traffic along a Track are guaranteed, and the jitter is minimized. </li>
<li> By knowing the scheduled timeslots of incoming bundle(s) and outgoing bundle(s), 6TiSCH nodes on a Track could save more energy by staying in sleep state during inactive slots. </li>
<li> Tracks are protected from interfering with one another if a cell is scheduled to belong to at most one Track, and congestion loss is avoided if at most one packet can be presented to the MAC to use that cell. Tracks enhance the reliability of transmissions and thus further improve the energy consumption in LLN devices by reducing the chances of retransmission.
</li>
</ol>
</section>
<section><name>Serial Track</name>
<t> A Serial (or simple) Track is the 6TiSCH version of a circuit: a bundle of cells that are programmed to receive (RX-cells) is uniquely paired with a bundle of cells that are set to transmit (TX-cells), representing a Layer 2 forwarding state that can be used regardless of the network-layer protocol. A Serial Track is thus formed end-to-end as a succession of paired bundles: a receive bundle from the previous hop and a transmit bundle to the next hop along the Track. </t>
<t> For a given iteration of the device schedule, the effective channel of the cell is obtained by looping through a well-known hopping sequence beginning at Epoch time and starting at the cell's channelOffset, which results in a rotation of the frequency that is used for transmission. The bundles may be computed so as to accommodate both variable rates and retransmissions, so they might not be fully used in the iteration of the schedule. </t>
</section>
<section><name>Complex Track with Replication and Elimination</name>
<t> The art of Deterministic Networks already includes packet replication and elimination techniques. Example standards include the Parallel Redundancy Protocol (PRP) and the High-availability Seamless Redundancy (HSR) <xref target="IEC62439"/>. Similarly, and as opposed to a Serial Track that is a sequence of nodes and links, a Complex Track is shaped as a directed acyclic graph towards one or more destination(s) to support multipath forwarding and route around failures. </t>
<t> A Complex Track may branch off over noncongruent branches for the purpose of multicasting and/or redundancy, in which case, it reconverges later down the path. This enables the Packet Replication, Elimination, and Ordering Functions (PREOF) defined by DetNet. Packet ARQ, Replication, Elimination, and Overhearing (PAREO) adds radio-specific capabilities of Layer 2 ARQ and promiscuous listening to redundant transmissions to compensate for the lossiness of the medium and meet industrial expectations of a RAW network.
Combining PAREO and PREOF, a Track may extend beyond the 6TiSCH network into a larger DetNet network. </t>
<t> In the art of TSCH, a path does not necessarily support PRE, but it is almost systematically multipath. This means that a Track is scheduled so as to ensure that each hop has at least two forwarding solutions, and the forwarding decision is to try the preferred one and use the other in case of Layer 2 transmission failure as detected by ARQ. Similarly, at each 6TiSCH hop along the Track, the PCE may schedule more than one timeslot for a packet, so as to support Layer 2 retries (ARQ). It is also possible that the field device only uses the second branch if sending over the first branch fails. </t>
</section>
<section><name>DetNet End-to-End Path</name>
<t> Ultimately, DetNet should enable extending a Track beyond the 6TiSCH LLN as illustrated in <xref target="elifig"/>. In that example, a Track is laid out from a field device in a 6TiSCH network to an IoT gateway that is located on an 802.1 Time-Sensitive Networking (TSN) backbone.
A 6TiSCH-aware DetNet service layer handles the Packet Replication, Elimination, and Ordering Functions over the DODAG that forms a Track. </t>
<t> The Replication function in the 6TiSCH Node sends a copy of each packet over two different branches, and the PCE schedules each hop of both branches so that the two copies arrive in due time at the gateway. In case of a loss on one branch, hopefully the other copy of the packet still makes it in due time. If two copies make it to the IoT gateway, the Elimination function in the gateway ignores the extra packet and presents only one copy to upper layers.
</t>
<figure align="center" anchor="elifig"><name>Example End-to-End DetNet Track</name>
<artwork><![CDATA[
                  +-=-=-+
                  | IoT |
                  | G/W |
                  +-=-=-+
                     ^  <=== Elimination
      Track branch   |  |
             +-=-=-=-+  +-=-=-=-=+ Subnet backbone
             |                   |
          +-=|-=+             +-=|-=+
          |  |  | Backbone    |  |  | Backbone
     o    |  |  | Router      |  |  | Router
          +-=/-=+             +-=|-=+
     o     /    o     o-=-o-=-=/       o
         o    o-=-o-=/   o      o   o  o   o
    o     \  /     o               o   LLN    o
       o   v  <=== Replication
           o
]]></artwork>
</figure>
</section>
<section><name>Cell Reuse</name>
<t> The 6TiSCH architecture provides the means to avoid waste of cells as well as overflows in the transmit bundle of a Track, as follows: </t>
<t> A TX-cell that is not needed for the current iteration may be reused opportunistically on a per-hop basis for routed packets. When all of the frames that were received for a given Track are effectively transmitted, any available TX-cell for that Track can be reused for upper-layer traffic for which the next-hop router matches the next hop along the Track. In that case, the cell that is being used is effectively a TX-cell from the Track, but the short address for the destination is that of the next-hop router. </t>
<t> As a result, a frame that is received in an RX-cell of a Track with a destination MAC address set to this node, as opposed to the broadcast MAC address, must be extracted from the Track and delivered to the upper layer. Note that a frame with an unrecognized destination MAC address is dropped at the lower MAC layer and thus is not received at the 6top sublayer.
</t>
<t> On the other hand, it might happen that there are not enough TX-cells in the transmit bundle to accommodate the Track traffic, for instance, if more retransmissions are needed than provisioned. In that case, and if the frame transports an IPv6 packet, then it can be placed for transmission in the bundle that is used for Layer 3 traffic towards the next hop along the Track. The MAC address should be set to the next-hop MAC address to avoid confusion. </t>
<t> It results in a frame that is received over a Layer 3 bundle that may be in fact associated with a Track. In a classical IP link such as an Ethernet, off-Track traffic is typically in excess over reservation to be routed along the non-reserved path based on its QoS setting. But with 6TiSCH, since the use of the Layer 3 bundle may be due to transmission failures, it makes sense for the receiver to recognize a frame that should be re-Tracked and to place it back on the appropriate bundle if possible. A frame is re-Tracked by scheduling it for transmission over the transmit bundle associated with the Track, with the destination MAC address set to broadcast.
</t>
</section>
</section>
<section anchor="fwd"><name>Forwarding Models</name>
<t> By forwarding, this document means the per-packet operation that allows delivery of a packet to a next hop or an upper layer in this node. Forwarding is based on preexisting state that was installed as a result of a routing computation, see <xref target="rtg"/>. 6TiSCH supports three different forwarding models: (GMPLS) Track Forwarding, (classical) IPv6 Forwarding, and (6LoWPAN) Fragment Forwarding. </t>
<section anchor="trkfwd"><name>Track Forwarding</name>
<t> Forwarding along a Track can be seen as a Generalized Multiprotocol Label Switching (GMPLS) operation in that the information used to switch a frame is not an explicit label but is rather related to other properties of the way the packet was received, a particular cell in the case of 6TiSCH. As a result, as long as the TSCH MAC (and Layer 2 security) accepts a frame, that frame can be switched regardless of the protocol, whether this is an IPv6 packet, a 6LoWPAN fragment, or a frame from an alternate protocol such as WirelessHART or ISA100.11a. </t>
<t> A data frame that is forwarded along a Track normally has a destination MAC address that is set to broadcast or a multicast address depending on MAC support. This way, the MAC layer in the intermediate nodes accepts the incoming frame and 6top switches it without incurring a change in the MAC header. In the case of IEEE Std 802.15.4, this means effectively to broadcast, so that along the Track the short address for the destination of the frame is set to 0xFFFF. </t>
<t> There are two modes for a Track: an IPv6 native mode and a protocol-independent tunnel mode. </t>
<section><name>Native Mode</name>
<t> In native mode, the Protocol Data Unit (PDU) is associated with flow-dependent metadata that refers uniquely to the Track, so the 6top sublayer can place the frame in the appropriate cell without ambiguity.
In the case of IPv6 traffic, this flow may be identified using a 6-tuple as discussed in <xref target="RFC8939"/>. In particular, implementations of this document should support identification of DetNet flows based on the IPv6 Flow Label field.</t>
<t> The flow follows a Track that is identified using a RPL Instance (see <xref target="RFC6550" section="3.1.3" sectionFormat="of" format="default"/>), signaled in a RPL Packet Information (more in <xref target="RFC6550" section="11.2.2.1" sectionFormat="of" format="default"/>) and the source address of a packet going down the DODAG formed by a local instance. One or more flows may be placed in a same Track and the Track identification (TrackID plus owner) may be placed in an IP-in-IP encapsulation. The forwarding operation is based on the Track and does not depend on the flow therein. </t>
<t> The Track identification is validated at egress before restoring the destination MAC address (DMAC) and punting to the upper layer.
</t>
<t><xref target="fig6t"/> illustrates the Track Forwarding operation that happens at the 6top sublayer, below IP. </t>
<figure anchor="fig6t"><name>Track Forwarding, Native Mode</name>
<artwork><![CDATA[
                    | Packet flowing across the network  ^
+--------------+    |                                    |
|     IPv6     |    |                                    |
+--------------+    |                                    |
|  6LoWPAN HC  |    |                                    |
+--------------+ ingress                              egress
|     6top     |  sets      +----+          +----+   restores
+--------------+ DMAC to    |    |          |    |   DMAC to
|   TSCH MAC   | brdcst     |    |          |    |     dest
+--------------+    |       |    |          |    |       |
|   LLN PHY    |    +-------+    +--...-----+    +-------+
+--------------+
                 Ingress    Relay           Relay     Egress
 Stack Layer       Node     Node            Node       Node
]]></artwork> </figure>
</section>
<section><name>Tunnel Mode</name>
<t> In tunnel mode, the frames originate from an arbitrary protocol over a compatible MAC that may or may not be synchronized with the 6TiSCH network. An example of this would be a router with a dual radio that is capable of receiving and sending WirelessHART or ISA100.11a frames with the second radio by presenting itself as an access point or a Backbone Router, respectively. In that mode, some entity (e.g., PCE) can coordinate with a WirelessHART Network Manager or an ISA100.11a System Manager to specify the flows that are transported.
</t>
<figure anchor="fig6"><name>Track Forwarding, Tunnel Mode</name>
<artwork><![CDATA[
+--------------+
|     IPv6     |
+--------------+
|  6LoWPAN HC  |
+--------------+             set            restore
|     6top     |            +DMAC+          +DMAC+
+--------------+          to|brdcst       to|nexthop
|   TSCH MAC   |            |    |          |    |
+--------------+            |    |          |    |
|   LLN PHY    |    +-------+    +--...-----+    +-------+
+--------------+    |   ingress                 egress   |
                    |                                    |
+--------------+    |                                    |
|   LLN PHY    |    |                                    |
+--------------+    |  Packet flowing across the network |
|   TSCH MAC   |    |                                    |
+--------------+    | DMAC =                             | DMAC =
|ISA100/WiHART |    | nexthop                            v nexthop
+--------------+
                  Source   Ingress         Egress   Destination
 Stack Layer       Node     Node            Node       Node
]]></artwork> </figure>
<t> In that case, the TrackID that identifies the Track at the ingress 6TiSCH router is derived from the RX-cell. The DMAC is set to this node, but the TrackID indicates that the frame must be tunneled over a particular Track, so the frame is not passed to the upper layer. Instead, the DMAC is forced to broadcast, and the frame is passed to the 6top sublayer for switching. </t>
<t> At the egress 6TiSCH router, the reverse operation occurs. Based on tunneling information of the Track, which may for instance indicate that the tunneled datagram is an IP packet, the datagram is passed to the appropriate link-layer with the destination MAC restored. </t>
</section>
<section><name>Tunneling Information</name>
<t> Tunneling information coming with the Track configuration provides the destination MAC address of the
egress endpoint as well as the tunnel mode and specific data depending on the mode, for instance, a service access point for frame delivery at egress. </t>
<t> If the tunnel egress point does not have a MAC address that matches the configuration, the Track installation fails. </t>
<t> If the Layer 3 destination address belongs to the tunnel termination, then it is possible that the IPv6 address of the destination is compressed at the 6LoWPAN sublayer based on the MAC address. Restoring the wrong MAC address at the egress would then also result in the wrong IP address in the packet after decompression.
For that reason, a packet can be injected in a Track only if the destination MAC address is effectively that of the tunnel egress point. It is thus mandatory for the ingress router to validate that the MAC address used at the 6LoWPAN sublayer for compression matches that of the tunnel egress point before it overwrites it to broadcast. The 6top sublayer at the tunnel egress point reverts that operation to the MAC address obtained from the tunnel information. </t>
</section> </section>
<section><name>IPv6 Forwarding</name>
<t> As the packets are routed at Layer 3, traditional QoS and Active Queue Management (AQM) operations are expected to prioritize flows.
</t>
<figure anchor="fig9"><name>IP Forwarding</name>
<artwork><![CDATA[
                    | Packet flowing across the network  ^
+--------------+    |                                    |
|     IPv6     |    |       +-QoS+          +-QoS+       |
+--------------+    |       |    |          |    |       |
|  6LoWPAN HC  |    |       |    |          |    |       |
+--------------+    |       |    |          |    |       |
|     6top     |    |       |    |          |    |       |
+--------------+    |       |    |          |    |       |
|   TSCH MAC   |    |       |    |          |    |       |
+--------------+    |       |    |          |    |       |
|   LLN PHY    |    +-------+    +--...-----+    +-------+
+--------------+
                  Source   Ingress         Egress   Destination
 Stack Layer       Node    Router          Router      Node
]]></artwork> </figure>
</section>
<section><name>Fragment Forwarding</name>
<t> Considering that, per <xref target="RFC4944" section="4" sectionFormat="of" format="default"/>, 6LoWPAN packets can be as large as 1280 bytes (the IPv6 minimum MTU) and that the non-storing mode of RPL implies source routing, which requires space for routing headers, and that an IEEE Std 802.15.4 frame with security may carry in the order of 80 bytes of effective payload, an IPv6 packet might be fragmented into more than 16 fragments at the 6LoWPAN sublayer. </t>
<t> This level of fragmentation is much higher than that traditionally experienced over the Internet with IPv4 fragments, where fragmentation is already known as harmful. </t>
<t> In the case of a multihop route within a 6TiSCH network, hop-by-hop recomposition occurs at each hop to reform the packet and route it. This creates additional latency and forces intermediate nodes to store a portion of a packet for an undetermined time, thus impacting critical resources such as memory and battery.
</t>
<t> <xref target="RFC8930"/> describes a framework for forwarding fragments end-to-end across a 6TiSCH route-over mesh. Within that framework, <xref target="I-D.ietf-lwig-6lowpan-virtual-reassembly"/> details a virtual reassembly buffer mechanism whereby the datagram tag in the 6LoWPAN fragment is used as a label for switching at the 6LoWPAN sublayer. </t>
<t> Building on this technique, <xref target="RFC8931"/> introduces a new format for 6LoWPAN fragments that enables the selective recovery of individual fragments and allows for a degree of flow control based on an Explicit Congestion Notification (ECN). </t>
<figure anchor="fig7"><name>Forwarding First Fragment</name>
<artwork><![CDATA[
                    | Packet flowing across the network  ^
+--------------+    |                                    |
|     IPv6     |    |       +----+          +----+       |
+--------------+    |       |    |          |    |       |
|  6LoWPAN HC  |    |       learn           learn        |
+--------------+    |       |    |          |    |       |
|     6top     |    |       |    |          |    |       |
+--------------+    |       |    |          |    |       |
|   TSCH MAC   |    |       |    |          |    |       |
+--------------+    |       |    |          |    |       |
|   LLN PHY    |    +-------+    +--...-----+    +-------+
+--------------+
                  Source   Ingress         Egress   Destination
 Stack Layer       Node    Router          Router      Node
]]></artwork> </figure>
<t> In that model, the first fragment is routed based on the IPv6 header that is present in that fragment. The 6LoWPAN sublayer learns the next-hop selection, generates a new datagram tag for transmission to the next hop, and stores that information indexed by the incoming MAC address and datagram tag. The next fragments are then switched based on that stored state. </t>
<figure anchor="fig8"><name>Forwarding Next Fragment</name>
<artwork><![CDATA[
                    | Packet flowing across the network  ^
+--------------+    |                                    |
|     IPv6     |    |                                    |
+--------------+    |                                    |
|  6LoWPAN HC  |    |       replay          replay       |
+--------------+    |       |    |          |    |       |
|     6top     |    |       |    |          |    |       |
+--------------+    |       |    |          |    |       |
|   TSCH MAC   |    |       |    |          |    |       |
+--------------+    |       |    |          |    |       |
|   LLN PHY    |    +-------+    +--...-----+    +-------+
+--------------+
                  Source   Ingress         Egress   Destination
 Stack Layer       Node    Router          Router      Node
]]></artwork> </figure>
<t> A bitmap and an ECN echo in the end-to-end acknowledgment enable the source to resend the missing fragments selectively. The first fragment may be resent to carve a new path in case of a path failure. The ECN echo set indicates that the number of outstanding fragments should be reduced.
</t> </section> </section>
<section anchor="rtg"><name>Advanced 6TiSCH Routing</name>
<section anchor="pmh"><name>Packet Marking and Handling</name>
<t> All packets inside a 6TiSCH domain must carry the RPLInstanceID that identifies the 6TiSCH topology (e.g., a Track) that is to be used for routing and forwarding that packet. The location of that information must be the same for all packets forwarded inside the domain. </t>
<t> For packets that are routed by a PCE along a Track, the tuple formed by 1) (typically) the IPv6 source or (possibly) destination address in the IPv6 header and 2) a local RPLInstanceID in the RPI that serves as TrackID, identify uniquely the Track and associated transmit bundle. </t>
<t> For packets that are routed by RPL, that information is the RPLInstanceID that is carried in the RPL Packet Information (RPI), as discussed in <xref target="RFC6550" section="11.2" sectionFormat="of" format="default"/>, "Loop Avoidance and Detection". The RPI is transported by a RPL Option in the IPv6 Hop-By-Hop Options header <xref target="RFC6553"/>. </t>
<t> A compression mechanism for the RPL packet artifacts that integrates the compression of IP-in-IP encapsulation and the Routing Header type 3 <xref target="RFC6554"/> with that of the RPI in a 6LoWPAN dispatch/header type is specified in <xref target="RFC8025"/> and <xref target="RFC8138"/>. </t>
<t> Either way, the method and
format used for encoding the RPLInstanceID is generalized to all 6TiSCH topological Instances, which include both RPL Instances and Tracks. </t>
</section>
<section anchor="pmhrre"><name>Replication, Retries, and Elimination</name>
<t> 6TiSCH supports the PREOF operations of elimination and reordering of packets along a complex Track, but has no requirement about tagging a sequence number in the packet for that purpose. With 6TiSCH, the schedule can tell when multiple receive timeslots correspond to copies of a same packet, in which case the receiver may avoid listening to the extra copies once it has received one instance of the packet. </t>
<t> The semantics of the configuration enable correlated timeslots to be grouped for transmit (and receive, respectively) with 'OR' relations, and then an 'AND' relation can be configurable between groups. The semantics are such that if the transmit (and receive, respectively) operation succeeded in one timeslot in an 'OR' group, then all the
other timeslots in the group are ignored. Now, if there are at least two groups, the 'AND' relation between the groups indicates that one operation must succeed in each of the groups. </t>
<t> On the transmit side, timeslots provisioned for retries along a same branch of a Track are placed in the same 'OR' group. The 'OR' relation indicates that if a transmission is acknowledged, then retransmissions of that packet should not be attempted for the remaining timeslots in that group. There are as many 'OR' groups as there are branches of the Track departing from this node. Different 'OR' groups are programmed for the purpose of replication, each group corresponding to one branch of the Track.
The 'AND' relation between the groups indicates that transmission over any of the branches must be attempted regardless of whether a transmission succeeded in another branch. It is also possible to place cells to different next-hop routers in the same 'OR' group. This allows routing along multipath Tracks, trying one next hop and then another only if sending to the first fails. </t>
<t> On the receive side, all timeslots are programmed in the same 'OR' group. Retries of the same copy as well as converging branches for elimination are converged, meaning that the first successful reception is enough and that all the other timeslots can be ignored. An 'AND' group denotes different packets that must all be received and transmitted over the associated transmit groups within their respective 'AND' or 'OR' rules. </t>
<t> As an example, say that we have a simple network as represented in <xref target="figANDORref"/>, and we want to enable PREOF between an ingress node I and an egress node E. </t>
<figure align="center" anchor="figANDORref"><name>Scheduling PREOF on a Simple Network</name>
<artwork align="center"><![CDATA[
         +-+         +-+
      -- |A|  ------ |C| --
    /    +-+         +-+    \
   /                         \
+-+                           +-+
|I|                           |E|
+-+                           +-+
   \                         /
    \    +-+         +-+    /
      -- |B| ------- |D| --
         +-+         +-+
]]></artwork> </figure>
<t> The assumption for this
particular problem is that a 6TiSCH node has a single radio, so it cannot perform two receive and/or transmit operations at the same time, even on two different channels. </t>
<t> Say we have six possible channels, and at least ten timeslots per slotframe. <xref target="figsc"/> shows a possible schedule whereby each transmission is retried two or three times, and redundant copies are forwarded in parallel via A and C on the one hand, and B and D on the other, providing time diversity, spatial diversity through different physical paths, and frequency diversity. </t>
<figure anchor="figsc"><name>Example Global Schedule</name>
<artwork align="center"><![CDATA[
     slotOffset     0    1    2    3    4    5    6    7    9

                  +----+----+----+----+----+----+----+----+----+
  channelOffset 0 |    |    |    |    |    |    |B->D|    |    | ...
                  +----+----+----+----+----+----+----+----+----+
  channelOffset 1 |    |I->A|    |A->C|B->D|    |    |    |    | ...
                  +----+----+----+----+----+----+----+----+----+
  channelOffset 2 |I->A|    |    |I->B|    |C->E|    |D->E|    | ...
                  +----+----+----+----+----+----+----+----+----+
  channelOffset 3 |    |    |    |    |A->C|    |    |    |    | ...
                  +----+----+----+----+----+----+----+----+----+
  channelOffset 4 |    |    |I->B|    |    |B->D|    |    |D->E| ...
                  +----+----+----+----+----+----+----+----+----+
  channelOffset 5 |    |    |A->C|    |    |    |C->E|    |    | ...
                  +----+----+----+----+----+----+----+----+----+
]]></artwork> </figure>
<t> This translates into a different slotframe that provides the waking and sleeping times for every node, and the channelOffset to be used when awake. <xref target="figsfA"/> shows the corresponding slotframe for node A. </t>
<figure anchor="figsfA"><name>Example Slotframe for Node A</name>
<artwork align="center"><![CDATA[
     slotOffset     0    1    2    3    4    5    6    7    9

                  +----+----+----+----+----+----+----+----+----+
    operation     |rcv |rcv |xmit|xmit|xmit|none|none|none|none| ...
                  +----+----+----+----+----+----+----+----+----+
    channelOffset |  2 |  1 |  5 |  1 |  3 |N/A |N/A |N/A |N/A | ...
                  +----+----+----+----+----+----+----+----+----+
]]></artwork> </figure>
<t> The logical relationship between the timeslots is given by <xref target="figslog"/>: </t>
<table anchor="figslog">
<thead>
<tr> <th align="center">Node</th> <th align="center">rcv slotOffset</th> <th align="center">xmit slotOffset</th> </tr>
</thead>
<tbody>
<tr> <td align="center">I</td> <td align="center">N/A</td> <td align="center">(0 OR 1) AND (2 OR 3)</td> </tr>
<tr> <td align="center">A</td> <td align="center">(0 OR 1)</td> <td align="center">(2 OR 3 OR 4)</td> </tr>
<tr> <td align="center">B</td> <td align="center">(2 OR 3)</td> <td align="center">(4 OR 5 OR 6)</td> </tr>
<tr> <td align="center">C</td> <td align="center">(2 OR 3 OR 4)</td> <td align="center">(5 OR 6)</td> </tr>
<tr> <td align="center">D</td> <td align="center">(4 OR 5 OR 6)</td> <td align="center">(7 OR 8)</td> </tr>
<tr> <td align="center">E</td> <td align="center">(5 OR 6 OR 7 OR 8)</td> <td align="center">N/A</td> </tr>
</tbody>
</table>
</section> </section> </section>
<section><name>IANA Considerations</name>
<t> This document has no IANA actions. </t>
</section>
<section anchor="sec"><name>Security Considerations</name>
<t> The <xref target="RFC9031">"Minimal Security Framework for 6TiSCH"</xref> was optimized for Low-Power and TSCH operations. The reader is encouraged to review the Security Considerations section of that document (Section <xref target="RFC9031" sectionFormat="bare" section="9"/>), which discusses 6TiSCH security issues in
more detail. </t>
<section anchor="det"><name>Availability of Remote Services</name>
<t> The operation of 6TiSCH Tracks inherits its high-level operation from DetNet and is subject to the observations in <xref target="RFC8655" section="5" sectionFormat="of" format="default"/>. The installation and the maintenance of the 6TiSCH Tracks depend on the availability of a controller with a PCE to compute and push them in the network. When that connectivity is lost, existing Tracks may continue to operate until the end of their lifetime, but cannot be removed or updated, and new Tracks cannot be installed. </t>
<t> In an LLN, the communication with a remote PCE may be slow and unreactive to rapid changes in the condition of the wireless communication. An attacker may introduce extra delay by selectively jamming some packets or some flows. The expectation is that the 6TiSCH Tracks enable enough redundancy to maintain the critical traffic in operation while new routes are calculated and programmed into the network. </t>
<t> As with DetNet in general, the communication with the PCE must
The join protocol usedbe secured and should be protected against DoS attacks, including delay injection and blackholing attacks, and secured as discussed in6TiSCH is the Constrained Join Protocol (CoJP). Intheminimal settingsecurity considerations defined for Abstraction and Control of Traffic Engineered Networks (ACTN) in <xreftarget='I-D.ietf-6tisch-minimal-security'/>, the authentication requires a pre-shared key, based ontarget="RFC8453" section="9" sectionFormat="of" format="default"/>, which applies equally to DetNet and 6TiSCH. In asecure session is derived. The CoJP exchange may also be precededsimilar manner, the communication witha zero-touch handshake <xref target='I-D.ietf-6tisch-dtsecurity-zerotouch-join'/> in order to enable pledge joining based on certificates and/or inter-domain communication.the JRC must be secured and should be protected against DoS attacks when possible. </t> </section> <section anchor="phy"><name>Selective Jamming</name> <t>As detailed in <xref target='rflo'/>,The hopping sequence of aJoin Proxy (JP) helps the pledge for the join procedure by relaying the link-scope Join Request over the IPTSCH network is well known, meaning that if a rogue manages to identify aJoin Registrar/Coordinator (JRC)cell of a particular flow, then it may selectively jam that cell without impacting any other traffic. This attack canauthenticatebe performed at thepledgePHY layer without any knowledge of the Layer 2 keys, andvalidate thatit isattachedvery hard tothe appropriate network. As a result of the CoJP exchange, the pledge is in possession of a Link-Layer material including keys and a short address,detect andif the ASNdiagnose because only one flow isknown to be correct, all traffic can now be secured using CCM* <xref target='CCMstar'/> at the Link-Layer.impacted. </t> <t>The authentication steps must be such that they cannot be replayed by an attacker, and they must not depend on the tentative ASN being valid. 
<xref target="I-D.tiloca-6tisch-robust-scheduling"/> proposes a method to obfuscate the hopping sequence and make it harder to perpetrate that particular attack. </t>
</section>
<section anchor="iee"><name>MAC-Layer Security</name>
<t> This architecture operates on IEEE Std 802.15.4 and expects the link-layer security to be enabled at all times between connected devices, except for the very first step of the device join process, where a joining device may need some initial, unsecured exchanges so as to obtain its initial key material. In a typical deployment, all joined nodes use the same keys, and rekeying needs to be global. </t>
<t> The 6TiSCH architecture relies on the join process to deny authorization of invalid nodes and to preserve the integrity of the network keys. A rogue that managed to access the network can perform a large variety of attacks from DoS to injecting forged packets and routing information. "Zero-trust" properties would be highly desirable but are mostly not available at the time of this writing. <xref target="RFC8928"/> is a notable exception that protects the ownership of IPv6 addresses and prevents a rogue node with L2 access from stealing and injecting traffic on behalf of a legitimate node. </t>
</section>
<section anchor="ts"><name>Time Synchronization</name>
<t> Time synchronization in TSCH induces another event horizon whereby a node will only communicate with another node if they are synchronized within a guard time. The pledge discovers the synchronization of the network based on the time of reception of the beacon. If an attacker synchronizes a pledge outside of the guard time of the legitimate nodes, then the pledge will never see a legitimate beacon and may not discover the attack.
</t>
<t> As discussed in <xref target="RFC8655"/>, measures must be taken to protect the time synchronization, and for 6TiSCH this includes ensuring that the Absolute Slot Number (ASN), which is the node's sense of time, is not compromised. Once installed and as long as the node is synchronized to the network, ASN is implicit in the transmissions. </t>
<t> <xref target="IEEE802154">IEEE Std 802.15.4</xref> specifies that in a TSCH network, the nonce that is used for the computation of the Message Integrity Code (MIC) to secure link-layer frames is composed of the address of the source of the frame and of the ASN. The standard assumes that the ASN is distributed securely by other means. The ASN is not passed explicitly in the data frames and does not constitute a complete anti-replay protection. As a result, upper-layer protocols must provide a way to detect duplicates and cope with them. </t>
<t> If the receiver and the sender have a different sense of ASN, the MIC will not validate and the frame will be dropped.
In that sense, TSCH induces an event horizon whereby only nodes that have a common sense of ASN can talk to one another in an authenticated manner. With 6TiSCH, the pledge discovers a tentative ASN in beacons from nodes that have already joined the network. But even if the beacon can be authenticated, the ASN cannot be trusted as it could be a replay by an attacker, announcing an ASN that represents a time in the past. If the pledge uses an ASN that is learned from a replayed beacon for an encrypted transmission, a nonce-reuse attack becomes possible, and the network keys may be compromised. </t>
</section>
<section anchor="asv"><name>Validating ASN</name>
<t> After obtaining the tentative ASN, a pledge that wishes to join the 6TiSCH network must use a join protocol to obtain its security keys. The join protocol used in 6TiSCH is the Constrained Join Protocol (CoJP). In the minimal setting defined in <xref target="RFC9031"/>, the authentication requires a pre-shared key, based on which a secure session is derived. The CoJP exchange may also be preceded by a zero-touch handshake <xref target="I-D.ietf-6tisch-dtsecurity-zerotouch-join"/> in order to enable pledge joining based on certificates and/or inter-domain communication. </t>
<t> As detailed in <xref target="rflo"/>, a Join Proxy (JP) helps the pledge with the join procedure by relaying the link-scope Join Request over the IP network to a Join Registrar/Coordinator (JRC) that can authenticate the pledge and validate that it is attached to the appropriate network. As a result of the CoJP exchange, the pledge is in possession of link-layer material including keys and a short address, and if the ASN is known to be correct, all traffic can now be secured using CCM* <xref target="CCMstar"/> at the link layer. </t>
<t> The authentication steps must be such that they cannot be replayed by an attacker, and they must not depend on the tentative ASN being valid. During the authentication, the keying material that the pledge obtains from the JRC does not provide protection against spoofed ASN. Once the pledge has obtained the keys to use in the network, it may still need to verify the ASN. If the nonce used in the Layer 2 security derives from the extended (MAC-64) address, then replaying the ASN alone cannot enable a nonce-reuse attack unless the same node has lost its state with a previous ASN. But if the nonce derives from the short address (e.g., assigned by the JRC), then the JRC must ensure that it never assigns short addresses that were already given to this or other nodes with the same keys. In other words, the network must be rekeyed before the JRC runs out of short addresses. </t>
</section>
<section anchor="keying"><name>Network Keying and Rekeying</name>
<t> <xref target="rflo"/> provides an overview of the CoJP process described in <xref target="RFC9031"/> by which an LLN can be assembled in the field, having been provisioned in a lab. <xref target="I-D.ietf-6tisch-dtsecurity-zerotouch-join"/> is future work that precedes and then leverages CoJP using the <xref target="I-D.ietf-anima-constrained-voucher"/> constrained profile of <xref target="RFC8995"/>. This later work requires a yet-to-be standardized Lightweight Authenticated Key Exchange protocol. </t>
<t> CoJP results in distribution of a network-wide key that is to be used with <xref target="IEEE802154"/> security. The details of use are described in <xref target="RFC9031"/>, Sections <xref target="RFC9031" section="9.2" sectionFormat="bare" format="default"/> and <xref target="RFC9031" section="9.3.2" sectionFormat="bare" format="default"/>.
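The nonce-reuse reasoning above (a replayed ASN, extended versus short source addresses, and the rule that the JRC never reassigns a short address under the same keys), worked through as an added Python example that is not part of the RFC or of any 6TiSCH implementation. The Jrc and NonceLedger classes, the address labels, the ASN value and the 10 ms timeslot are assumptions made for illustration, and the nonce is modelled only as the tuple of key epoch, source address and ASN, not as the real CCM* byte layout.

```python
"""Added illustration of nonce freshness under a network-wide key in TSCH.

The nonce is modelled only as the page describes it: source address plus ASN.
The byte layout of the real CCM* nonce is not modelled.
"""
from dataclasses import dataclass, field

ASN_MODULUS = 2 ** 40        # page: the ASN wraps after 2^40 timeslot durations
SHORT_ADDR_SPACE = 2 ** 16   # page: 65536 two-byte short addresses


class RekeyRequired(Exception):
    """No never-assigned short address is left under the current key."""


@dataclass
class Jrc:
    """Hypothetical JRC bookkeeping; only the allocation rule comes from the page."""
    addr_space: int = SHORT_ADDR_SPACE
    key_epoch: int = 0
    next_unused: int = 0

    def assign_short_address(self) -> int:
        # An address is handed out once per key epoch and never recycled,
        # even after the node that held it has left the network.
        if self.next_unused >= self.addr_space:
            raise RekeyRequired(f"short addresses exhausted in key epoch {self.key_epoch}")
        addr = self.next_unused
        self.next_unused += 1
        return addr

    def rekey(self) -> int:
        # A new network-wide key makes every (address, ASN) pair fresh again,
        # so the whole short-address space can be handed out once more.
        self.key_epoch += 1
        self.next_unused = 0
        return self.key_epoch


@dataclass
class NonceLedger:
    """Audit log of every (key epoch, source address, ASN) used to secure a frame."""
    seen: set = field(default_factory=set)

    def secure_frame(self, key_epoch: int, source: str, asn: int) -> bool:
        """Return True if the nonce is fresh, False if it repeats under the same key."""
        if asn not in range(ASN_MODULUS):
            raise ValueError("ASN outside the 40-bit counter range")
        nonce = (key_epoch, source, asn)
        if nonce in self.seen:
            return False
        self.seen.add(nonce)
        return True


def replayed_beacon_scenarios() -> dict:
    """Constructed cases: a pledge trusts a replayed beacon and secures a frame
    at an ASN that was already used on the network."""
    stale_asn = 1000  # constructed value
    results = {}

    # 1. Extended addresses, a different node: the address differs, nonce is fresh.
    log = NonceLedger()
    log.secure_frame(0, "ext:node-A", stale_asn)
    results["extended_other_node"] = log.secure_frame(0, "ext:node-B", stale_asn)

    # 2. Extended address, same node after losing its state: the nonce repeats.
    log = NonceLedger()
    log.secure_frame(0, "ext:node-A", stale_asn)
    results["extended_same_node_lost_state"] = log.secure_frame(0, "ext:node-A", stale_asn)

    # 3. Short address recycled to a new node under the same key: the nonce repeats.
    log = NonceLedger()
    log.secure_frame(0, "short:0", stale_asn)   # first holder of address 0
    results["short_recycled_same_key"] = log.secure_frame(0, "short:0", stale_asn)

    # 4. Rule from the page: the new node gets a never-used short address.
    jrc, log = Jrc(), NonceLedger()
    first = jrc.assign_short_address()
    log.secure_frame(jrc.key_epoch, f"short:{first}", stale_asn)
    second = jrc.assign_short_address()
    results["short_never_recycled"] = log.secure_frame(jrc.key_epoch, f"short:{second}", stale_asn)

    # 5. After a rekey, the same short address can be assigned safely again.
    jrc.rekey()
    reused = jrc.assign_short_address()          # address 0 once more
    results["short_reused_after_rekey"] = (
        reused == first and log.secure_frame(jrc.key_epoch, f"short:{reused}", stale_asn)
    )
    return results


def asn_wrap_years(slot_seconds: float = 0.010) -> float:
    """Years until the ASN wraps; the 10 ms timeslot is an assumption of this example."""
    return ASN_MODULUS * slot_seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    for name, fresh in replayed_beacon_scenarios().items():
        print(f"{name:32s} nonce fresh: {fresh}")
    print(f"ASN wrap after about {asn_wrap_years():.0f} years")
```

Only cases 2 and 3 repeat a nonce, which is why a stale ASN is tolerable with extended addresses unless a node loses its state, and why short addresses must not be recycled before a rekey.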
</t>
<t> The BRSKI mechanism may lead to the use of CoJP, in which case it also results in distribution of a network-wide key. Alternatively the BRSKI mechanism may be followed by use of <xref target="I-D.ietf-ace-coap-est"/> to enroll certificates for each device. In that case, the certificates may be used with an <xref target="IEEE802154"/> key agreement protocol. The description of this mechanism, while conceptually straightforward, still has significant standardization hurdles to pass. </t>
<t> <xref target="RFC9031" section="8.2" sectionFormat="of" format="default"/> describes a mechanism to change (rekey) the network. There are a number of reasons to initiate a network rekey: to remove unwanted (corrupt/malicious) nodes, to recover unused 2-byte short addresses, or due to limits in encryption algorithms. For all of the mechanisms that distribute a network-wide key, rekeying is also needed on a periodic basis. In more detail: </t>
<ul spacing="normal">
<li> The mechanism described in <xref target="RFC9031" section="8.2" sectionFormat="of" format="default"/> requires advance communication between the JRC and every one of the nodes before the key change. Given that many nodes may be sleepy, this operation may take a significant amount of time and may consume a significant portion of the available bandwidth. As such, network-wide rekeys to exclude nodes that have become malicious will not be particularly quick. If a rekey is already in progress, but the unwanted node has not yet been updated, then it is possible to just continue the operation. If the unwanted node has already received the update, then the rekey operation will need to be restarted. </li>
<li> The cryptographic mechanisms used by IEEE Std 802.15.4 include the 2-byte short address in the calculation of the context. A nonce-reuse attack may become feasible if a short address is reassigned to another node while the same network-wide keys are in operation. A network that gains and loses nodes on a regular basis is likely to reach the 65536 limit of the 2-byte (16-bit) short addresses, even if the network has only a few thousand nodes. Network planners should consider the need to rekey the network on a periodic basis in order to recover 2-byte addresses. The rekey can update the short addresses for active nodes if desired, but there is actually no need to do this as long as the key has been changed. </li>
<li> With TSCH as it stands at the time of this writing, the ASN will wrap after 2^40 timeslot durations, meaning around 350 years with the default values. Wrapping ASN is not expected to happen within the lifetime of most LLNs. Yet, should the ASN wrap, the network must be rekeyed to avoid a nonce-reuse attack. </li>
<li> Many cipher algorithms have some suggested limits on how many bytes should be encrypted with that algorithm before a new key is used. These numbers are typically in the many to hundreds of gigabytes of data.
On very fast backbone networks, thisdocumentbecomes an important concern. On LLNs with typical data rates inpreparation totheIESG reviews, and to Gorry Fairhurst, David Mandelberg, Qin Wu, Francis Dupont, Eric Vyncke, Mirja Kuhlewind, Roman Danyliw, Benjamin Kaduk and Andrew Malis, who contributed tokilobits/second, this concern is significantly less. With IEEE Std 802.15.4 as it stands at thefinal shapingtime of thisdocument throughwriting, theIESG review procedure. </t> </section> <section><name>And Do not Forget</name> <t>This document isASN will wrap before theresultlimits ofmultiple interactions, in particular duringthe6TiSCH (bi)Weekly Interim call, relayed throughcurrent L2 crypto (AES-CCM-128) are reached, so the6TiSCH mailing list atproblem should never occur. </li> <li> In any fashion, if theIETF,LLN is expected to operate continuously for decades, then the operators are advised to plan for the need to rekey. </li> </ul> <t> Except for urgent rekeys caused by malicious nodes, the rekey operation described in <xref target="RFC9031"/> can be done as a background task and can be done incrementally. It is a make-before-break mechanism. The switch over to the new key is not signaled by time, but rather by observation that the new key is in use. As such, thecourse of more than 5 years. 
</t><t> The authors wish to thankupdate can take as long as needed, or occur inarbitrary order: Alaeddine Weslati, Chonggang Wang, Georgios Exarchakos, Zhuo Chen, Georgios Papadopoulos, Eric Levy-Abegnoli, Alfredo Grieco, Bert Greevenbosch, Cedric Adjih, Deji Chen, Martin Turon, Dominique Barthel, Elvis Vogli, Geraldine Texier, Guillaume Gaillard, Herman Storey, Kazushi Muraoka, Ken Bannister, Kuor Hsin Chang, Laurent Toutain, Maik Seewald, Michael Behringer, Nancy Cam Winget, Nicola Accettura, Nicolas Montavont, Oleg Hahm, Patrick Wetterwald, Paul Duffy, Peter van der Stock, Rahul Sen, Pieter de Mil, Pouria Zand, Rouhollah Nabati, Rafa Marin-Lopez, Raghuram Sudhaakar, Sedat Gormus, Shitanshu Shah, Steve Simlo, Tina Tsou, Tom Phinney, Xavier Lagrange, Ines Robles and Samita Chakrabarti for their participation and various contributions.as short a time as practical. </t> </section> </section> </middle> <back> <displayreferencetarget="I-D.ietf-6tisch-minimal-security" to="MIN-SECURITY"/>target="I-D.ietf-roll-rpl-industrial-applicability" to="RPL-APPLICABILITY"/> <displayreference target="I-D.ietf-6tisch-dtsecurity-zerotouch-join" to="ZEROTOUCH-JOIN"/> <displayreference target="I-D.ietf-manet-aodvv2" to="AODVv2"/> <displayreference target="I-D.ietf-roll-aodv-rpl" to="AODV-RPL"/> <displayreferencetarget="I-D.ietf-6lo-backbone-router" to="6BBR-DRAFT"/>target="I-D.ietf-lwig-6lowpan-virtual-reassembly" to="VIRTUAL-REASSEMBLY"/> <displayreferencetarget="I-D.ietf-6lo-fragment-recovery" to="RECOV-FRAG"/>target="I-D.ietf-roll-dao-projection" to="DAO-PROJECTION"/> <displayreferencetarget="I-D.ietf-6lo-minimal-fragment" to="MIN-FRAG"/>target="I-D.ietf-roll-capabilities" to="RPL-MOP"/> <displayreferencetarget="I-D.ietf-6lo-ap-nd" to="AP-ND"/>target="I-D.selander-ace-cose-ecdhe" to="EDHOC"/> <displayreferencetarget="I-D.ietf-roll-useofrplinfo" to="USEofRPLinfo"/>target="I-D.thubert-roll-bier" to="RPL-BIER"/> <displayreferencetarget="I-D.ietf-roll-unaware-leaves" 
to="RUL-DRAFT"/>target="I-D.thubert-bier-replication-elimination" to="TE-PREF"/> <displayreferencetarget="I-D.ietf-6tisch-enrollment-enhanced-beacon" to="ENH-BEACON"/>target="I-D.thubert-6lo-bier-dispatch" to="BITSTRINGS-6LORH"/> <displayreferencetarget="I-D.ietf-6tisch-msf" to="MSF"/> <references><name>Normativetarget="I-D.thubert-6man-unicast-lookup" to="ND-UNICAST-LOOKUP"/> <displayreference target="I-D.pthubert-raw-architecture" to="RAW-ARCHITECTURE"/> <displayreference target="I-D.tiloca-6tisch-robust-scheduling" to="ROBUST-SCHEDULING"/> <displayreference target="I-D.ietf-ace-coap-est" to="EST-COAPS"/> <displayreference target="I-D.ietf-anima-constrained-voucher" to="CONSTRAINED-VOUCHER"/> <displayreference target="I-D.ietf-raw-use-cases" to="RAW-USE-CASES"/> <references> <name>References</name> <references> <name>Normative References</name> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.0768.xml'/> <!-- Internet Protocol, Version 6 (IPv6) Specification --> <!-- <?rfc include="reference.RFC.2119"?> Key words for use in RFCs to Indicate Requirement Levels --> <xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4861.xml'/> <!-- neighbor Discovery for IP version 6 (IPv6) --> <xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4862.xml'/> <!-- IPv6 Stateless Address Autoconfiguration --> <xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4944.xml'/> <!-- 6LoWPAN --> <xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6282.xml'/> <!-- Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks --> <xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6550.xml'/> <!-- RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks --> <xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6551.xml'/> <!-- Routing Metrics Used for Path Calculation in LLNs --> 
<xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6552.xml'/> <!-- RPL OF0: Objective Function Zero for RPL--> <xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6553.xml'/> <!-- RPL Option for Carrying RPL Information in Data-Plane Datagrams --> <xi:include href='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6554.xml'/> <!-- An IPv6 Routing Header for Source Routes with RPL -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.0768.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6775.xml'/> <!-- neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs) -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4861.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7252.xml'/> <!-- CoAP -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4862.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8025.xml'/> <!-- 6LoRH coding dispatch-->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4944.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8137.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6282.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8138.xml'/> <!-- 6LoRH routing dispatch--> <!-- <?rfc include='reference.RFC.8174'?> Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words-->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6550.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8180.xml'/> <!-- 6TiSCH minimal -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6551.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml'/> <!-- Internet Protocol, 
Version 6 (IPv6) Specification -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6552.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8480.xml'/> <!-- 6top protocol -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6553.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8453.xml'/> <!-- ACTN -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6554.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8505.xml'/> <!-- RFC6775 update -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6775.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7102.xml'/> <!-- Terms Used in Routing for Low-Power and Lossy Networks -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7252.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7554.xml'/> <!-- 6TiSCH TSCH -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8025.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7228.xml'/> <!-- Terminology for Constrained-Node Networks -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8137.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5889.xml'/> <!-- IP Addressing Model in Ad Hoc Networks -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8138.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8655.xml'/> <!-- DetNet Architecture -->href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8180.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6tisch-minimal-security.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml"/> 
<xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6lo-backbone-router.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8480.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6lo-fragment-recovery.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8453.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6lo-minimal-fragment.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8505.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6lo-ap-nd.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7102.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-roll-useofrplinfo.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7554.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-roll-unaware-leaves.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7228.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6tisch-enrollment-enhanced-beacon.xml'/>href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5889.xml"/> <xi:includehref='https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6tisch-msf.xml'/> </references> <references><name>Informative References</name> <!-- <?rfc include="reference.RFC.6620"?> FCFS SAVI: First-Come, First-Served Source Address Validation --> <!--?rfc include="reference.RFC.6655"?--> <!-- AES-CCM Cipher Suites for Transport Layer Security (TLS) --> <!--?rfc include="reference.RFC.5191"?--> <!--href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8655.xml"/> <reference anchor="RFC9031" target="https://www.rfc-editor.org/info/rfc9031"> <front> <title>Constrained Join Protocol (CoJP) 
forCarrying Authentication for Network Access (PANA) --> 6TiSCH</title>
<author initials="M" surname="Vučinić" fullname="Mališa Vučinić" role="editor"> <organization/> </author>
<author initials="J" surname="Simon" fullname="Jonathan Simon"> <organization/> </author>
<author initials="K" surname="Pister" fullname="Kris Pister"> <organization/> </author>
<author initials="M" surname="Richardson" fullname="Michael Richardson"> <organization/> </author>
<date month="May" year="2021"/>
</front>
<seriesInfo name="RFC" value="9031"/>
<seriesInfo name="DOI" value="10.17487/RFC9031"/>
</reference>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8929.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8931.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8930.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8928.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.9008.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.9010.xml"/>
<reference anchor="RFC9032" target="https://www.rfc-editor.org/info/rfc9032">
<front> <title>Encapsulation of 6TiSCH Join and Enrollment Information Elements</title>
<author initials="D" surname="Dujovne" fullname="Diego Dujovne" role="editor"> <organization/> </author>
<author initials="M" surname="Richardson" fullname="Michael Richardson"> <organization/> </author>
<date month="May" year="2021"/>
</front>
<seriesInfo name="RFC" value="9032"/>
<seriesInfo name="DOI" value="10.17487/RFC9032"/>
</reference>
<reference anchor="RFC9033" target="https://www.rfc-editor.org/info/rfc9033">
<front> <title>6TiSCH Minimal Scheduling Function (MSF)</title>
<author initials="T" surname="Chang" fullname="Tengfei Chang" role="editor"> <organization/> </author>
<author initials="M" surname="Vučinić" fullname="Mališa Vučinić"> <organization/> </author>
<author initials="X" surname="Vilajosana" fullname="Xavier Vilajosana"> <organization/> </author>
<author initials="S" surname="Duquennoy" fullname="Simon Duquennoy"> <organization/> </author>
<author initials="D" surname="Dujovne" fullname="Diego Dujovne"> <organization/> </author>
<date month="May" year="2021"/>
</front>
<seriesInfo name="RFC" value="9033"/>
<seriesInfo name="DOI" value="10.17487/RFC9033"/>
</reference>
</references>
<references><name>Informative References</name>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5340.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6275.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2474.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2545.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3963.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3209.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4291.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3444.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4080.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4919.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4903.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5974.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6347.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6830.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7426.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6606.xml"/>
<reference anchor="I-D.ietf-roll-rpl-industrial-applicability">
<front> <title>RPL applicability in industrial networks</title>
<author fullname="Tom Phinney" role="editor"> </author>
<author fullname="Pascal Thubert"> </author>
<author fullname="Robert Assimiti">
</author>
<date month="October" day="21" year="2013"/>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-roll-rpl-industrial-applicability-02"/>
</reference>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-6tisch-dtsecurity-zerotouch-join.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8613.xml"/>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-manet-aodvv2.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8578.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8939.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8995.xml"/>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-roll-aodv-rpl.xml"/>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-lwig-6lowpan-virtual-reassembly.xml"/>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-roll-dao-projection.xml"/>
<reference anchor="I-D.ietf-roll-capabilities">
<front> <title>RPL Capabilities</title>
<author initials="R" surname="Jadhav" fullname="Rahul Arvind Jadhav" role="editor"> </author>
<author fullname="Pascal Thubert"> <organization>Cisco Systems, Inc</organization> </author>
<author fullname="Michael Richardson"> <organization>Sandelman Software Works</organization> </author>
<author initials="R" surname="Sahoo" fullname="Rabi Narayan Sahoo"> <organization>Juniper</organization> </author>
<date month="March" day="17" year="2021"/>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-roll-capabilities-08"/>
</reference>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.selander-ace-cose-ecdhe.xml"/>
<reference anchor="I-D.thubert-roll-bier">
<front> <title>RPL-BIER</title>
<author initials="P" surname="Thubert" fullname="Pascal Thubert" role="editor"> <organization/> </author>
<date month="July" day="24" year="2018"/>
</front>
<seriesInfo name="Internet-Draft" value="draft-thubert-roll-bier-02"/>
</reference>
<reference anchor="I-D.thubert-bier-replication-elimination">
<front> <title>BIER-TE extensions for Packet Replication and Elimination Function (PREF) and OAM</title>
<author initials="P" surname="Thubert" fullname="Pascal Thubert" role="editor"> <organization/> </author>
<author initials="T" surname="Eckert" fullname="Toerless Eckert"> <organization/> </author>
<author initials="Z" surname="Brodard" fullname="Zacharie Brodard"> <organization/> </author>
<author initials="H" surname="Jiang" fullname="Hao Jiang"> <organization/> </author>
<date month="March" day="3" year="2018"/>
</front>
<seriesInfo name="Internet-Draft"
value="draft-thubert-bier-replication-elimination-03"/> </reference> <reference anchor="I-D.thubert-6lo-bier-dispatch"> <front> <title>A 6loRH for BitStrings</title> <author initials="P" surname="Thubert" fullname="Pascal Thubert" role="editor"> <organization/> </author> <author initials="Z" surname="Brodard" fullname="Zacharie Brodard"> <organization/> </author> <author initials="H" surname="Jiang" fullname="Hao Jiang"> <organization/> </author> <author initials="G" surname="Texier" fullname="Geraldine Texier"> <organization/> </author> <date month="January" day="28" year="2019"/> </front> <seriesInfo name="Internet-Draft" value="draft-thubert-6lo-bier-dispatch-06"/> </reference> <reference anchor="I-D.thubert-6man-unicast-lookup"> <front> <title>IPv6 Neighbor Discovery Unicast Lookup</title> <author initials="P" surname="Thubert" fullname="Pascal Thubert" role="editor"> <organization/> </author> <author initials="E" surname="Levy-Abegnoli" fullname="Eric Levy-Abegnoli"> <organization/> </author> <date month="July" day="29" year="2019"/> </front> <seriesInfo name="Internet-Draft" value="draft-thubert-6man-unicast-lookup-00"/> </reference> <reference anchor="I-D.pthubert-raw-architecture"> <front> <title>Reliable and Available Wireless Problem Statement</title> <author initials="P" surname="Thubert" fullname="Pascal Thubert" role="editor"> <organization/> </author> <author initials="G. Z." 
surname="Papadopoulos" fullname="Georgios Papadopoulos"> <organization/> </author>
<date month="November" day="15" year="2020"/>
</front>
<seriesInfo name="Internet-Draft" value="draft-pthubert-raw-architecture-05"/>
</reference>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.tiloca-6tisch-robust-scheduling.xml"/>
<reference anchor="I-D.ietf-ace-coap-est">
<front> <title>EST over secure CoAP (EST-coaps)</title>
<author initials="P" surname="van der Stok" fullname="Peter van der Stok"> <organization/> </author>
<author initials="P" surname="Kampanakis" fullname="Panos Kampanakis"> <organization/> </author>
<author initials="M" surname="Richardson" fullname="Michael Richardson"> <organization/> </author>
<author initials="S" surname="Raza" fullname="Shahid Raza"> <organization/> </author>
<date month="January" day="6" year="2020"/>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-ace-coap-est-18"/>
</reference>
<reference anchor="I-D.ietf-anima-constrained-voucher" target="https://tools.ietf.org/html/draft-ietf-anima-constrained-voucher-10">
<front> <title>Constrained Voucher Artifacts for Bootstrapping Protocols</title>
<author initials="M" surname="Richardson" fullname="Michael Richardson"> <organization/> </author>
<author initials="P" surname="van der Stok" fullname="Peter van der Stok"> <organization/> </author>
<author initials="P" surname="Kampanakis" fullname="Panos Kampanakis"> <organization/> </author>
<date month="February" day="21" year="2021"/>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-anima-constrained-voucher-10"/>
</reference>
<reference anchor="IEEE802154" target="https://ieeexplore.ieee.org/document/7460875">
<front> <title>IEEE Standard for Low-Rate Wireless Networks</title>
<author> <organization>IEEE</organization> </author>
<date month="April" year="2016"/>
</front>
<seriesInfo name="IEEE Standard" value="802.15.4-2015"/>
<seriesInfo name="DOI" value="10.1109/IEEESTD.2016.7460875"/>
</reference>
<reference anchor="CCMstar" target="http://www.ieee802.org/15/pub/2004/15-04-0537-00-004b-formal-specification-ccm-star-mode-operation.doc">
<front> <title>Formal Specification of the CCM* Mode of Operation</title>
<author fullname="Rene Struik"> <organization>IEEE</organization> </author>
<date month="September" year="2004"/>
</front>
</reference>
<reference anchor="IEEE802154e" target="https://ieeexplore.ieee.org/document/6185525">
<front> <title>IEEE Standard for Local and metropolitan area networks -- Part.
15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs) Amendment 1: MAC sublayer</title>
<author> <organization>IEEE</organization> </author>
<date month="April" year="2012"/>
</front>
<seriesInfo name="IEEE Standard" value="802.15.4e-2012"/>
<seriesInfo name="DOI" value="10.1109/IEEESTD.2012.6185525"/>
</reference>
<reference anchor="WirelessHART" target="https://webstore.iec.ch/publication/24433">
<front> <title>Industrial networks - Wireless communication network and communication profiles - WirelessHART(TM)</title>
<author> <organization>International Electrotechnical Commission</organization> </author>
<date month="March" year="2016"/>
</front>
<seriesInfo name="IEC" value="62591:2016"/>
</reference>
<reference anchor="HART" target="https://fieldcommgroup.org/technologies/hart">
<front> <title>HART</title>
<author> <organization>FieldComm Group</organization> </author>
<date/>
</front>
</reference>
<reference anchor="ISA100.11a" target="https://webstore.iec.ch/publication/65581">
<front> <title>Wireless Systems for Industrial Automation: Process Control and Related Applications - ISA100.11a-2011</title>
<author> <organization>ISA/ANSI</organization> </author>
<date year="2011"/>
</front>
<seriesInfo name="IEC" value="62734:2014"/>
</reference>
<reference anchor="ISA100" target="https://www.isa.org/isa100/">
<front> <title>ISA100, Wireless Systems for Automation</title>
<author> <organization>ISA/ANSI</organization> </author>
<date/>
</front>
</reference>
<reference anchor="TEAS" target="https://datatracker.ietf.org/doc/charter-ietf-teas/">
<front> <title>Traffic Engineering Architecture and Signaling (teas)</title>
<author> <organization>IETF</organization> </author>
<date/>
</front>
</reference>
<reference anchor="ANIMA" target="https://datatracker.ietf.org/doc/charter-ietf-anima/">
<front> <title>Autonomic Networking Integrated Model and Approach (anima)</title>
<author> <organization>IETF</organization> </author>
<date/>
</front>
</reference>
<reference anchor="PCE" target="https://datatracker.ietf.org/doc/charter-ietf-pce/">
<front> <title>Path Computation Element (pce)</title>
<author> <organization>IETF</organization> </author>
<date/>
</front>
</reference>
<reference anchor="CCAMP" target="https://datatracker.ietf.org/doc/charter-ietf-ccamp/">
<front> <title>Common Control and Measurement Plane (ccamp)</title>
<author> <organization>IETF</organization> </author>
<date/>
</front>
</reference>
<reference anchor="AMI" target="https://www.energy.gov/sites/prod/files/2016/12/f34/AMI%20Summary%20Report_09-26-16.pdf">
<front> <title>Advanced Metering Infrastructure and Customer Systems</title>
<author> <organization>U.S. Department of Energy</organization> </author>
<date year="2006"/>
</front>
</reference>
<reference anchor="S-ALOHA" target="https://dl.acm.org/citation.cfm?id=1024920">
<front> <title>ALOHA packet system with and without slots and capture</title>
<author surname="Roberts" fullname="Lawrence G. Roberts"> </author>
<date month="April" year="1975"/>
</front>
<refcontent>ACM SIGCOMM Computer Communication Review</refcontent>
<seriesInfo name="DOI" value="10.1145/1024916.1024920"/>
</reference>
<reference anchor="IEC62439" target="https://webstore.iec.ch/publication/24438">
<front> <title>Industrial communication networks - High availability automation networks - Part 3: Parallel Redundancy Protocol (PRP) and High-availability Seamless Redundancy (HSR)</title>
<author> <organization>IEC</organization> </author>
<date year="2016"/>
</front>
<seriesInfo name="IEC" value="62439-3:2016"/>
</reference>
<xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-raw-use-cases.xml"/>
<xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.9035.xml"/>
</references>
</references>
<section><name>Related Work in Progress</name>
<t>This document has been incremented as the work progressed following the evolution of the WG charter and the availability of dependent work. The intent was to publish when the WG concluded on the covered items. At the time of publishing, the following specifications are still in progress and may affect the evolution of the stack in a 6TiSCH-aware node.
</t>
<section anchor="unchartered"><name>Unchartered IETF Work Items</name>
<section anchor="unchartered-sec"><name>6TiSCH Zero-Touch Security</name>
<t> The security model and in particular the zero-touch join process <xref target="I-D.ietf-6tisch-dtsecurity-zerotouch-join"/> depend on the ANIMA (Autonomic Networking Integrated Model and Approach) <xref target="ANIMA"/> "<xref target="RFC8995" format="title"/>" <xref target="RFC8995"/> to enable zero-touch security provisioning; for highly constrained nodes, a minimal model based on pre-shared keys (PSK) is also available. As currently written, it also depends on a number of documents in progress in the CORE (Constrained RESTful Environments) WG and on <xref target="I-D.selander-ace-cose-ecdhe">"Ephemeral Diffie-Hellman Over COSE (EDHOC)"</xref>, which is being considered for adoption by the LAKE (Lightweight Authenticated Key Exchange) WG. </t>
</section>
<section anchor="unchartered-tracks"><name>6TiSCH Track Setup</name>
<t> ROLL (Routing Over Low power and Lossy networks) is now standardizing a reactive routing protocol based on RPL <xref target="I-D.ietf-roll-aodv-rpl"/>. The need of a reactive routing protocol to establish on-demand, constraint-optimized routes and a reservation protocol to establish Layer 3 Tracks is being discussed in 6TiSCH but not yet chartered.
</t>
<t> At the time of this writing, there is new work planned in the IETF to provide limited deterministic networking capabilities for wireless networks with a focus on forwarding behaviors to react quickly and locally to the changes as described in <xref target="I-D.pthubert-raw-architecture"/>. </t>
<t> ROLL is also standardizing an extension to RPL to set up centrally computed routes <xref target="I-D.ietf-roll-dao-projection"/>. </t>
<t> The 6TiSCH architecture should thus inherit from the <xref target="RFC8655">DetNet architecture</xref> and thus depends on it. The PCE should be a core component of that architecture. An extension to RPL or to TEAS (Traffic Engineering Architecture and Signaling) <xref target="TEAS"/> will be required to expose the 6TiSCH node capabilities and the network peers to the PCE, possibly in combination with <xref target="I-D.ietf-roll-capabilities"/>. A protocol such as a lightweight Path Computation Element Communication Protocol (PCEP) or an adaptation of Common Control and Measurement Plane (CCAMP) <xref target="CCAMP"/> GMPLS formats and procedures could be used in combination with <xref target="I-D.ietf-roll-dao-projection"/> to install the Tracks, as computed by the PCE, to the 6TiSCH nodes.
</t>
</section>
<section anchor="unchartered-bier"><name>Using BIER in a 6TiSCH Network</name>
<t> ROLL is actively working on Bit Index Explicit Replication (BIER) as a method to compress both the data-plane packets and the routing tables in storing mode <xref target="I-D.thubert-roll-bier"/>. </t>
<t> BIER could also be used in the context of the DetNet service layer. <xref target="I-D.thubert-bier-replication-elimination">"BIER-TE extensions for Packet Replication and Elimination Function (PREF) and OAM"</xref> leverages BIER Traffic Engineering (TE) to control the DetNet Replication and Elimination activities in the data plane, and to provide traceability on links where replication and loss happen, in a manner that is
abstract to the forwarding information. </t>
<t> <xref target="I-D.thubert-6lo-bier-dispatch">"A 6loRH for BitStrings"</xref> proposes a 6LoWPAN compression for the BIER BitString based on <xref target="RFC8138">6LoWPAN Routing Header</xref>. </t>
</section>
</section>
<section anchor="external"><name>External (Non-IETF) Work Items</name>
<t> The current charter positions 6TiSCH on IEEE Std 802.15.4 only. Though most of the design should be portable to other link types, 6TiSCH has a strong dependency on IEEE Std 802.15.4 and its evolution. The impact of changes to TSCH on this architecture should be minimal to nonexistent, but deeper work such as 6top and security may be impacted. A 6TiSCH Interest Group at the IEEE maintains the synchronization and helps foster work at the IEEE should 6TiSCH demand it. </t>
<t> Work is being proposed at IEEE (802.15.12 PAR) for an LLC that would logically include the 6top sublayer. The interaction with the 6top sublayer and the Scheduling Functions described in this document is yet to be defined. </t>
<t> ISA100 <xref target="ISA100"/> Common Network Management (CNM) is another external work of interest for 6TiSCH. The group, referred to as ISA100.20, defines a Common Network Management framework that should enable the management of resources that are controlled by heterogeneous protocols such as ISA100.11a <xref target="ISA100.11a"/>, WirelessHART <xref target="WirelessHART"/>, and 6TiSCH. Interestingly, the establishment of 6TiSCH deterministic paths, called Tracks, is also in scope, and ISA100.20 is working on requirements for DetNet. </t>
</section>
</section>
<section numbered="false"><name>Acknowledgments</name>
<section numbered="false" toc="exclude"><name>Special Thanks</name>
<t> Special thanks to <contact fullname="Jonathan Simon"/>, <contact fullname="Giuseppe Piro"/>, <contact fullname="Subir Das"/>, and <contact fullname="Yoshihiro Ohba"/> for their deep contributions to the initial security work, to <contact fullname="Yasuyuki Tanaka"/> for his work on implementation and simulation that tremendously helped build a robust system, to <contact fullname="Diego Dujovne"/> for starting and leading the SF0 effort, and to <contact fullname="Tengfei Chang"/> for evolving it in the MSF.
</t><t>ROLL isSpecial thanks alsostandardizing an extension to RPLtosetup centrally-computed routes <xref target='I-D.ietf-roll-dao-projection'/> </t><t> The 6TiSCH Architecture should thus inherit from<contact fullname="Pat Kinney"/>, <contact fullname="Charlie Perkins"/>, and <contact fullname="Bob Heile"/> for their support in maintaining the<xref target='RFC8655'>DetNet</xref> architectureconnection active andthus depends on it. The Path Computation Element (PCE) should be a core component of that architecture. An extension to RPL or to TEAS <xref target='TEAS'/> will be requiredthe design in line with work happening at IEEE 802.15. </t> <t> Special thanks toexpose<contact fullname="Ted Lemon"/>, who was the6TiSCH node capabilitiesINT Area Director while this document was initiated, for his great support and help throughout, andthe network peerstothe PCE, possibly in combination<contact fullname="Suresh Krishnan"/>, who took over with<xref target='I-D.rahul-roll-mop-ext'/>. A protocol such as a lightweight PCEP or an adaptationthat kind efficiency ofCCAMP <xref target='CCAMP'/> G-MPLS formatshis till publication. 
</t>
<t> Also special thanks to <contact fullname="Ralph Droms"/>, who performed the first INT Area Directorate review, which was very deep and thorough and radically changed the orientations of this document, and then to <contact fullname="Eliot Lear"/> and <contact fullname="Carlos Pignataro"/>, who helped finalize this document in preparation for the IESG reviews, and to <contact fullname="Gorry Fairhurst"/>, <contact fullname="David Mandelberg"/>, <contact fullname="Qin Wu"/>, <contact fullname="Francis Dupont"/>, <contact fullname="Éric Vyncke"/>, <contact fullname="Mirja Kühlewind"/>, <contact fullname="Roman Danyliw"/>, <contact fullname="Benjamin Kaduk"/>, and <contact fullname="Andrew Malis"/>, who contributed to the final shaping of this document through the IESG review procedure. </t>
</section>
<section numbered="false" toc="exclude"><name>And Do Not Forget</name>
<t>This document is the result of multiple interactions, in particular during the 6TiSCH (bi)Weekly Interim call, relayed through the 6TiSCH mailing list at the IETF, over the course of more than 5 years. </t>
<t> The authors wish to thank in
</t> <t> <xref target='I-D.thubert-6lo-bier-dispatch'>a 6loRH for BitStrings</xref> proposes a 6LoWPAN compressionarbitrary order: <contact fullname="Alaeddine Weslati"/>, <contact fullname="Chonggang Wang"/>, <contact fullname="Georgios Exarchakos"/>, <contact fullname="Zhuo Chen"/>, <contact fullname="Georgios Papadopoulos"/>, <contact fullname="Eric Levy-Abegnoli"/>, <contact fullname="Alfredo Grieco"/>, <contact fullname="Bert Greevenbosch"/>, <contact fullname="Cedric Adjih"/>, <contact fullname="Deji Chen"/>, <contact fullname="Martin Turon"/>, <contact fullname="Dominique Barthel"/>, <contact fullname="Elvis Vogli"/>, <contact fullname="Geraldine Texier"/>, <contact fullname="Guillaume Gaillard"/>, <contact fullname="Herman Storey"/>, <contact fullname="Kazushi Muraoka"/>, <contact fullname="Ken Bannister"/>, <contact fullname="Kuor Hsin Chang"/>, <contact fullname="Laurent Toutain"/>, <contact fullname="Maik Seewald"/>, <contact fullname="Michael Behringer"/>, <contact fullname="Nancy Cam Winget"/>, <contact fullname="Nicola Accettura"/>, <contact fullname="Nicolas Montavont"/>, <contact fullname="Oleg Hahm"/>, <contact fullname="Patrick Wetterwald"/>, <contact fullname="Paul Duffy"/>, <contact fullname="Peter van der Stok"/>, <contact fullname="Rahul Sen"/>, <contact fullname="Pieter de Mil"/>, <contact fullname="Pouria Zand"/>, <contact fullname="Rouhollah Nabati"/>, <contact fullname="Rafa Marin-Lopez"/>, <contact fullname="Raghuram Sudhaakar"/>, <contact fullname="Sedat Gormus"/>, <contact fullname="Shitanshu Shah"/>, <contact fullname="Steve Simlo"/>, <contact fullname="Tina Tsou"/>, <contact fullname="Tom Phinney"/>, <contact fullname="Xavier Lagrange"/>, <contact fullname="Ines Robles"/>, and <contact fullname="Samita Chakrabarti"/> forthe BIER Bitstring based on <xref target='RFC8138'>6LoWPAN Routing Header</xref>.their participation and various contributions. 
</t> </section><!-- 6TiSCH Track Setup --> </section><!-- Unchartered IETF work items --></section> <sectionanchor='external'><name>External (non-IETF) work items</name> <t> The current charter positions 6TiSCH on IEEE Std. 802.15.4 only. Though mostnumbered="false"><name>Contributors</name> <t>The co-authors of this document are listed below: </t><ul empty="true" spacing="normal"> <li><t><contact fullname="Thomas Watteyne"/> for his contributions to thedesign should be portable on other link types, 6TiSCH has a strong dependencywhole design, in particular onIEEE Std. 802.15.4TSCH and security, andits evolution. The impact of changestoTSCH on this Architecture should bethe open source community that he created with openWSN;</t> </li> <li><t><contact fullname="Xavier Vilajosana"/>, who led the design of the minimal support with RPL and contributed deeply tonon-existent, but deeper work such asthe 6top design andsecurity may be impacted. A 6TiSCH Interest Group attheIEEE maintains the synchronizationGMPLS operation of Track switching;</t> </li> <li><t><contact fullname="Kris Pister"/> for creating TSCH andhelps fosterhis continuing guidance through the elaboration of this design;</t> </li> <li><t><contact fullname="Mališa Vučinić"/> for the workaton theIEEE should 6TiSCH demand it. </t> <t> Work is being proposed at IEEE (802.15.12 PAR)one-touch join process and his contribution to the Security Design Team;</t> </li> <li><t><contact fullname="Michael Richardson"/> foran LLC that would logically includehis leadership role in the6top sublayer. The interaction withSecurity Design Team and his contribution throughout this document;</t> </li> <li><t><contact fullname="Tero Kivinen"/> for his contribution to the6top sublayersecurity work in general and theScheduling Functions describedsecurity section in particular;</t> </li> <li><t><contact fullname="Maria Rita Palattella"/> for managing the Terminology document that was merged into this documentare yet to be defined. 
</t> <t> ISA100 <xref target='ISA100'/> Common Network Management (CNM) is another externalthrough the work ofinterest6TiSCH;</t> </li> <li><t><contact fullname="Simon Duquennoy"/> for6TiSCH. The group, referredhis contribution toas ISA100.20, defines a Common Network Management framework that should enablethemanagementopen source community with the 6TiSCH implementation ofresources that are controlled by heterogeneous protocols such as ISA100.11a <xref target='ISA100.11a'/>, WirelessHART <xref target='WirelessHART'/>,contiki, and6TiSCH. Interestingly,for his contribution to MSF and autonomous unicast cells;</t> </li> <li><t><contact fullname="Qin Wang"/>, who led theestablishmentdesign of6TiSCH Deterministic paths, called Tracks, are also in scope,the 6top sublayer andISA100.20 is working on requirementscontributed related text that was moved and/or adapted into this document;</t> </li> <li><t><contact fullname="Rene Struik"/> forDetNet. </t> </section><!-- External IETFthe security section and his contribution to the Security Design Team;</t> </li> <li><t><contact fullname="Robert Assimiti"/> for his breakthrough workitems --> </section><!--title="DependenciesonWork In Progress"-->RPL over TSCH and initial text and guidance.</t> </li> </ul> </section> </back> </rfc>